Symlink Attack Vulnerability in FlashAttention by Dao-AILab
CVE-2026-62239
Key Information:
- Vendor
Dao-ailab
- Status
- Vendor
- CVE Published:
- 13 July 2026
Badges
What is CVE-2026-62239?
The FlashAttention product from Dao-AILab, specifically version 2.8.3.post1, is compromised by a symlink attack vulnerability within the download_and_copy() function of hopper/setup.py. This flaw arises as the software extracts NVIDIA toolchain archives without adequate validation of symlinks or proper filtering of tar members. An attacker with local access could pre-place a symlink in a predictable cache directory, allowing for the potential redirection of extracted binaries to an arbitrary location of their choosing. This ultimately results in arbitrary file write access with the privileges of the user during the build process.
Affected Version(s)
flash-attention 0 <= 2.8.3.post1
flash-attention 0816ef12f424c6ec94b057a72c275b14f6e6edb2
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
References
CVSS V4
Timeline
- ๐ก
Public PoC available
- ๐พ
Exploit known to exist
Vulnerability published
Vulnerability Reserved
