Search CVE reports


1 – 10 of 57 results


CVE-2026-41685

Medium priority
Needs evaluation

security update

2 affected packages

incus, lxd

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
incus Needs evaluation Needs evaluation Not in release
lxd Not in release Not in release Not in release Needs evaluation Needs evaluation

CVE-2026-41684

Medium priority
Needs evaluation

security update

2 affected packages

incus, lxd

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
incus Needs evaluation Needs evaluation Not in release
lxd Not in release Not in release Not in release Needs evaluation Needs evaluation

CVE-2026-41648

Medium priority
Needs evaluation

security update

2 affected packages

incus, lxd

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
incus Needs evaluation Needs evaluation Not in release
lxd Not in release Not in release Not in release Needs evaluation Needs evaluation

CVE-2026-40251

Medium priority
Needs evaluation

security update

2 affected packages

incus, lxd

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
incus Needs evaluation Needs evaluation Not in release
lxd Not in release Not in release Not in release Needs evaluation Needs evaluation

CVE-2026-40197

Medium priority
Needs evaluation

security update

2 affected packages

incus, lxd

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
incus Needs evaluation Needs evaluation Not in release
lxd Not in release Not in release Not in release Needs evaluation Needs evaluation

CVE-2026-34179

Medium priority
Vulnerable

In Canonical LXD versions 4.12 through 6.7, the doCertificateUpdate function in lxd/certificates.go does not validate the Type field when handling PUT/PATCH requests to /1.0/certificates/{fingerprint} for restricted TLS...

2 affected packages

lxd, incus

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
lxd Not in release Not in release Not in release Not affected Not affected
incus Vulnerable Vulnerable Not in release

CVE-2026-34178

Medium priority
Vulnerable

In Canonical LXD before 6.8, the backup import path validates project restrictions against backup/index.yaml in the supplied tar archive but creates the instance from backup/container/backup.yaml, a separate file in the same...

2 affected packages

lxd, incus

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
lxd Not in release Not in release Not in release Not affected Not affected
incus Vulnerable Vulnerable Not in release

CVE-2026-34177

Medium priority
Vulnerable

Canonical LXD versions 4.12 through 6.7 contain an incomplete denylist in isVMLowLevelOptionForbidden (lxd/project/limits/permissions.go), which omits raw.apparmor and raw.qemu.conf from the set of keys blocked under...

2 affected packages

lxd, incus

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
lxd Not in release Not in release Not in release Not affected Not affected
incus Not affected Vulnerable Not in release

CVE-2026-33945

High priority
Needs evaluation

Incus is a system container and virtual machine manager. Incus instances have an option to provide credentials to systemd in the guest. For containers, this is handled through a shared directory. Prior to version 6.23.0, an...

2 affected packages

incus, lxd

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
incus Needs evaluation Needs evaluation Not in release
lxd Not in release Not in release Not in release Not affected Not affected

CVE-2026-33898

Medium priority
Needs evaluation

Incus is a system container and virtual machine manager. Prior to version 6.23.0, the web server spawned by `incus webui` incorrectly validates the authentication token such that an invalid value will be accepted. `incus webui`...

2 affected packages

incus, lxd

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
incus Needs evaluation Needs evaluation Not in release
lxd Not in release Not in release Not in release Not affected Not affected