Canonical LXD vulnerabilities
25 known vulnerabilities affecting canonical/lxd.
Total CVEs: 25
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 5, HIGH 8, MEDIUM 9, LOW 3
Vulnerabilities
Page 1 of 2
CVE-2026-34178 | CRITICAL | CVSS 9.1 | CWE-20 | Affected: ≥ 4.12, ≤ 5.0.6; ≥ 5.21.0, ≤ 5.21.4; +4 more | 2026-04-09
In Canonical LXD before 6.8, the backup import path validates project restrictions against backup/index.yaml in the supplied tar archive but creates the instance from backup/container/backup.yaml, a separate file in the same archive that is never checked against project restrictions. An authenticated remote attacker with instance-creation permissio
Source: nvd
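The gap in CVE-2026-34178 is a check applied to one file (backup/index.yaml) while the instance is built from another (backup/container/backup.yaml). The Go program below is an added example, not LXD code: it builds a constructed two-file tar in memory, pulls config keys out of each with a deliberately simplified line scanner (real backup.yaml is nested YAML), and runs the same restriction check on every file the import will act on. The restriction it enforces (blocking security.privileged=true), the file layout and the sample contents are assumptions for the demo.

```go
package main

import (
	"archive/tar"
	"bytes"
	"fmt"
	"io"
	"regexp"
	"strings"
)

// Simplified extractor for "key: value" scalar lines whose key looks like an
// instance config key (contains a dot), e.g. security.privileged: "true".
// Real backup.yaml is nested YAML; this line scan is only for the demo.
var kvLine = regexp.MustCompile(`^\s*([a-z][a-z0-9_.-]*\.[a-z0-9_.-]+):\s*"?([^"\s]*)"?\s*$`)

func extractConfig(yamlText string) map[string]string {
	cfg := map[string]string{}
	for _, line := range strings.Split(yamlText, "\n") {
		if m := kvLine.FindStringSubmatch(line); m != nil {
			cfg[m[1]] = m[2]
		}
	}
	return cfg
}

// readArchive returns the body of every regular file in a tar stream.
func readArchive(archive []byte) (map[string]string, error) {
	files := map[string]string{}
	tr := tar.NewReader(bytes.NewReader(archive))
	for {
		hdr, err := tr.Next()
		if err == io.EOF {
			return files, nil
		}
		if err != nil {
			return nil, err
		}
		if hdr.Typeflag != tar.TypeReg {
			continue
		}
		body, err := io.ReadAll(tr)
		if err != nil {
			return nil, err
		}
		files[hdr.Name] = string(body)
	}
}

// Assumed project restriction for the demo: privileged containers are blocked.
func checkRestrictions(cfg map[string]string) error {
	if cfg["security.privileged"] == "true" {
		return fmt.Errorf("security.privileged=true is blocked by the project")
	}
	return nil
}

// checkBackup runs the restriction check on every listed file. Listing the
// file the instance is actually built from, not only the index, closes the
// gap. It returns the offending file name, or "" if all files are clean.
func checkBackup(archive []byte, files []string) (string, error) {
	contents, err := readArchive(archive)
	if err != nil {
		return "", err
	}
	for _, name := range files {
		body, ok := contents[name]
		if !ok {
			return name, fmt.Errorf("%s missing from archive", name)
		}
		if err := checkRestrictions(extractConfig(body)); err != nil {
			return name, err
		}
	}
	return "", nil
}

// buildArchive writes an in-memory tar from constructed sample files.
func buildArchive(files map[string]string) []byte {
	var buf bytes.Buffer
	tw := tar.NewWriter(&buf)
	for name, body := range files {
		_ = tw.WriteHeader(&tar.Header{Name: name, Mode: 0o644, Size: int64(len(body)), Typeflag: tar.TypeReg})
		_, _ = tw.Write([]byte(body))
	}
	_ = tw.Close()
	return buf.Bytes()
}

// SampleArchive (constructed): the index looks harmless, but the file the
// instance is created from asks for a privileged container.
func SampleArchive() []byte {
	return buildArchive(map[string]string{
		"backup/index.yaml":            "name: c1\nconfig:\n  security.privileged: \"false\"\n",
		"backup/container/backup.yaml": "container:\n  config:\n    security.privileged: \"true\"\n",
	})
}

func main() {
	a := SampleArchive()
	_, err := checkBackup(a, []string{"backup/index.yaml"})
	fmt.Println("index only:", err) // nil: the bypass goes unnoticed
	f, err := checkBackup(a, []string{"backup/index.yaml", "backup/container/backup.yaml"})
	fmt.Println("both files:", f, err)
}
```

The index-only check passes and the two-file check fails on backup/container/backup.yaml. The general rule: validate the artefact you deserialize and act on, not a sidecar summary of it.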
CVE-2026-34179 | CRITICAL | CVSS 9.1 | CWE-915 | Affected: ≥ 4.12, ≤ 5.0.6; ≥ 5.21.0, ≤ 5.21.4; +4 more | 2026-04-09
In Canonical LXD versions 4.12 through 6.7, the doCertificateUpdate function in lxd/certificates.go does not validate the Type field when handling PUT/PATCH requests to /1.0/certificates/{fingerprint} for restricted TLS certificate users, allowing a remote authenticated attacker to escalate privileges to cluster admin.
Source: nvd
CVE-2026-34177 | CRITICAL | CVSS 9.1 | CWE-184 | Affected: ≥ 4.12, ≤ 5.0.6; ≥ 5.21.0, ≤ 5.21.4; +4 more | 2026-04-09
Canonical LXD versions 4.12 through 6.7 contain an incomplete denylist in isVMLowLevelOptionForbidden (lxd/project/limits/permissions.go), which omits raw.apparmor and raw.qemu.conf from the set of keys blocked under the restricted.virtual-machines.lowlevel=block project restriction. A remote attacker with can_edit permission on a VM instance in a
Source: nvd
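CVE-2026-34177 is a textbook incomplete-denylist failure: the restriction enumerates individual keys, and any key not on the list is allowed. The Go snippet below is an added example, not LXD's isVMLowLevelOptionForbidden: it contrasts an exact-match list (whose contents are a hypothetical stand-in) with a rule that blocks the whole raw.* namespace by prefix, applied to a constructed config change containing the two keys the page names as missing (raw.apparmor and raw.qemu.conf). The config values are placeholders.

```go
package main

import (
	"fmt"
	"sort"
	"strings"
)

// Hypothetical enumerated denylist, standing in for a list that someone
// maintains by hand. It forgets raw.apparmor and raw.qemu.conf.
var enumeratedDenylist = map[string]bool{
	"raw.qemu":  true,
	"raw.idmap": true,
}

// exactMatchForbidden only blocks keys someone remembered to list.
func exactMatchForbidden(key string) bool {
	return enumeratedDenylist[key]
}

// namespaceForbidden blocks the whole low-level namespace by prefix, so a key
// that is added later, or simply forgotten, is blocked by default.
func namespaceForbidden(key string) bool {
	return strings.HasPrefix(key, "raw.") || enumeratedDenylist[key]
}

// rejectedKeys applies a policy to a proposed config change under the
// restricted.virtual-machines.lowlevel setting and returns the keys it
// blocks, sorted. With any value other than "block" nothing is rejected.
func rejectedKeys(change map[string]string, lowlevel string, forbidden func(string) bool) []string {
	if lowlevel != "block" {
		return nil
	}
	var out []string
	for k := range change {
		if forbidden(k) {
			out = append(out, k)
		}
	}
	sort.Strings(out)
	return out
}

// AttackerChange is constructed: the two keys the page names as missing from
// the denylist, one key that is listed, and one ordinary limit. Values are
// placeholders, not working QEMU or AppArmor fragments.
var AttackerChange = map[string]string{
	"raw.qemu":      "-device placeholder",
	"raw.qemu.conf": "[drive]\nfile=/dev/placeholder",
	"raw.apparmor":  "/placeholder/** rw,",
	"limits.cpu":    "2",
}

func main() {
	fmt.Println("exact-match list rejects:", rejectedKeys(AttackerChange, "block", exactMatchForbidden))
	fmt.Println("namespace rule rejects:  ", rejectedKeys(AttackerChange, "block", namespaceForbidden))
}
```

The exact-match list rejects only raw.qemu and lets raw.apparmor and raw.qemu.conf through; the prefix rule rejects all three raw.* keys and leaves limits.cpu alone. When a restriction is meant to fence off a whole class of settings, key the check on the class, not on a list of members.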
CVE-2022-27664 | HIGH | CVSS 7.5 | Affected: ≥ 0, < 2.0.11-0ubuntu1~16.04.4+esm2; ≥ 0, < 3.0.3-0ubuntu1~18.04.2+esm2 | 2026-04-07
adsys, juju-core, lxd vulnerabilities
USN-8089-1 fixed vulnerabilities in Go Networking. This update provides the corresponding update to code vendored in LXD, ADSys, and Juju Core.
Original advisory details:
Bahruz Jabiyev, Tommaso Innocenti, Anthony Gavazzi, Steven Sprecher, and Kaan Onarlioglu discovered that servers using Go Networking could hang during shutdown if preempted by a fatal error. An attacker could possibly use this to cause a denia
Source: osv
CVE-2026-33897 | CRITICAL | CVSS 9.9 | Affected: ≥ 0, < 5.0.2-5+deb12u4; ≥ 0, < 5.0.2+git20231211.1364ae4-9+deb13u4 | 2026-03-26
Incus is a system container and virtual machine manager. Prior to version 6.23.0, instance template files can be used to cause arbitrary read or writes as root on the host server. Incus allows for pongo2 templates within instances which can be used at various times in the instance lifecycle to template files inside of the instance. This particular implementation of pongo2 within Incus allowed for fi
Source: osv
CVE-2026-33542 | MEDIUM | CVSS 5.7 | Affected: ≥ 0, < 5.0.2-5+deb12u4; ≥ 0, < 5.0.2+git20231211.1364ae4-9+deb13u4 | 2026-03-26
Incus is a system container and virtual machine manager. Prior to version 6.23.0, a lack of validation of the image fingerprint when downloading from simplestreams image servers opens the door to image cache poisoning and under very narrow circumstances exposes other tenants to running attacker controlled images rather than the expected one. Version 6.23.0 patches the issue.
Source: osv
CVE-2026-28384 | CRITICAL | CVSS 9.4 | CWE-78 | Affected: ≥ 6.0, < 6.7; ≥ 5.21.0, < 5.21.4; +2 more | 2026-03-12
An improper sanitization of the compression_algorithm parameter in Canonical LXD allows an authenticated, unprivileged user to execute commands as the LXD daemon on the LXD server via API calls to the image and backup endpoints. This issue affected LXD from 4.12 through 6.6 and was fixed in the snap versions 5.0.6-e49d9f4 (channel 5.0/stable), 5.21
Sources: nvd, osv
CVE-2026-3351 | LOW | CVSS 2.1 | CWE-862 | Affected: v6.6 | 2026-03-03
Improper authorization in the API endpoint GET /1.0/certificates in Canonical LXD 6.6 on Linux allows an authenticated, restricted user to enumerate all certificate fingerprints trusted by the LXD server.
Source: nvd
CVE-2026-23953 | HIGH | CVSS 8.7 | Affected: ≥ 0, < 5.0.2-5+deb12u3; ≥ 0, < 5.0.2+git20231211.1364ae4-9+deb13u3 | 2026-01-22
Incus is a system container and virtual machine manager. In versions 6.20.0 and below, a user with the ability to launch a container with a custom YAML configuration (e.g. a member of the ‘incus’ group) can create an environment variable containing newlines, which can be used to add additional configuration items in the container’s lxc.conf due to newline injection. This can allow adding arbitrary lifecy
Source: osv
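CVE-2026-23953 is a line-injection bug: a value that contains a newline, written into a key = value configuration file, becomes an additional configuration item. The Go program below is an added example, not Incus or LXD code: it renders an lxc.environment line the naive way, parses the result with a minimal key = value reader (enough to count the smuggled lxc.hook.pre-start item; not a full liblxc parser), then shows the validation that rejects line breaks before anything is rendered. The variable name and the hook path /tmp/evil.sh are constructed.

```go
package main

import (
	"errors"
	"fmt"
	"strings"
)

// Vulnerable rendering: the value is interpolated verbatim into the
// key = value format, so a newline inside it starts a fresh line that the
// config parser reads as a separate item.
func renderEnvVulnerable(name, value string) string {
	return fmt.Sprintf("lxc.environment = %s=%s\n", name, value)
}

// Hardened rendering: refuse anything that could break out of its line
// (and, for the name, anything that could change which key is written).
func renderEnvSafe(name, value string) (string, error) {
	if name == "" || strings.ContainsAny(name, "\r\n=") {
		return "", errors.New("invalid environment variable name")
	}
	if strings.ContainsAny(value, "\r\n") {
		return "", errors.New("environment value must not contain line breaks")
	}
	return fmt.Sprintf("lxc.environment = %s=%s\n", name, value), nil
}

// parseConf is a minimal reader for "key = value" lines, just enough to show
// how many distinct items the rendered text turns into. Only the first "="
// separates key from value, so "FOO=bar" stays inside the value.
func parseConf(conf string) map[string][]string {
	items := map[string][]string{}
	for _, line := range strings.Split(conf, "\n") {
		line = strings.TrimSpace(line)
		if line == "" || strings.HasPrefix(line, "#") {
			continue
		}
		k, v, ok := strings.Cut(line, "=")
		if !ok {
			continue
		}
		k = strings.TrimSpace(k)
		items[k] = append(items[k], strings.TrimSpace(v))
	}
	return items
}

// HookCount returns how many lxc.hook.* items ended up in the config.
func HookCount(conf string) int {
	n := 0
	for k := range parseConf(conf) {
		if strings.HasPrefix(k, "lxc.hook.") {
			n++
		}
	}
	return n
}

// AttackerValue is constructed: an environment value that smuggles in a
// lifecycle hook. The hook path is a placeholder.
const AttackerValue = "harmless\nlxc.hook.pre-start = /tmp/evil.sh"

func main() {
	vuln := renderEnvVulnerable("FOO", AttackerValue)
	fmt.Printf("vulnerable render produced %d items, %d hooks:\n%s", len(parseConf(vuln)), HookCount(vuln), vuln)
	if _, err := renderEnvSafe("FOO", AttackerValue); err != nil {
		fmt.Println("hardened render rejected it:", err)
	}
}
```

The naive render yields two config items, one of them an lxc.hook.pre-start entry the user was never entitled to set; the hardened version refuses the value outright. Rejecting is preferable to escaping here because the target format has no quoting mechanism the writer can rely on.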
CVE-2026-23954 | HIGH | CVSS 8.7 | Affected: ≥ 0, < 5.0.2-5+deb12u3; ≥ 0, < 5.0.2+git20231211.1364ae4-9+deb13u3 | 2026-01-22
Incus is a system container and virtual machine manager. Versions 6.21.0 and below allow a user with the ability to launch a container with a custom image (e.g. a member of the ‘incus’ group) to use directory traversal or symbolic links in the templating functionality to achieve host arbitrary file read, and host arbitrary file write. This ultimately results in arbitrary command execution on the host. Wh
Source: osv
CVE-2025-64507 | HIGH | CVSS 8.6 | Affected: ≥ 0, < 5.0.2-5+deb12u2; ≥ 0, < 5.0.2+git20231211.1364ae4-9+deb13u2 | 2025-11-10
Incus is a system container and virtual machine manager. An issue in versions prior to 6.0.6 and 6.19.0 affects any Incus user in an environment where an unprivileged user may have root access to a container with an attached custom storage volume that has the `security.shifted` property set to `true` as well as access to the host as an unprivileged user. The most common case for this would be systems us
Source: osv
CVE-2025-54289 | HIGH | CVSS 7.4 | CWE-1385 | Affected: ≥ 4.0.0, < 5.21.4; ≥ 6.1, < 6.5; +2 more | 2025-10-02
Privilege Escalation in operations API in Canonical LXD <6.5 on multiple platforms allows attacker with read permissions to hijack terminal or console sessions and execute arbitrary commands via WebSocket connection hijacking format
Source: nvd
CVE-2025-54287 | HIGH | CVSS 7.1 | CWE-1336 | Affected: ≥ 4.0.0, < 5.21.4; ≥ 6.1, < 6.5; +2 more | 2025-10-02
Template Injection in instance snapshot creation component in Canonical LXD (>= 4.0) allows an attacker with instance configuration permissions to read arbitrary files on the host system via specially crafted snapshot pattern templates using the Pongo2 template engine.
Sources: nvd, osv
CVE-2025-54293 | HIGH | CVSS 7.1 | CWE-22 | Affected: ≥ 4.0.0, < 5.21.4; ≥ 6.0, < 6.5; +1 more | 2025-10-02
Path Traversal in the log file retrieval function in Canonical LXD 5.0 LTS on Linux allows authenticated remote attackers to read arbitrary files on the host system via crafted log file names or symbolic links.
Sources: nvd, osv
CVE-2025-54286 | HIGH | CVSS 7.5 | CWE-352 | Affected: ≥ 5.0.0, < 5.0.5; ≥ 5.21.0, < 5.21.4; +4 more | 2025-10-02
Cross-Site Request Forgery (CSRF) in LXD-UI in Canonical LXD versions >= 5.0 on Linux allows an attacker to create and start container instances without user consent via crafted HTML form submissions exploiting client certificate authentication.
Sources: nvd, osv
CVE-2025-54288 | MEDIUM | CVSS 5.1 | CWE-290 | Affected: ≥ 4.0.0, < 5.21.4; ≥ 6.1, < 6.5; +2 more | 2025-10-02
Information Spoofing in devLXD Server in Canonical LXD versions 4.0 and above on Linux container platforms allows attackers with root privileges within any container to impersonate other containers and obtain their metadata, configuration, and device information via spoofed process names in the command line.
Sources: nvd, osv
CVE-2025-54290 | MEDIUM | CVSS 6.9 | CWE-200 | Affected: ≥ 4.0.0, < 5.21.4; ≥ 6.1, < 6.5; +2 more | 2025-10-02
Information disclosure in image export API in Canonical LXD before 6.5 and 5.21.4 on Linux allows network attackers to determine project existence without authentication via crafted requests using wildcard fingerprints.
Source: nvd
CVE-2025-54292 | MEDIUM | CVSS 4.8 | CWE-22 | Affected: ≥ 5.0.0, < 5.21.4; ≥ 6.0, < 6.5; +1 more | 2025-10-02
Path traversal in Canonical LXD LXD-UI versions before 6.5 and 5.21.4 on all platforms allows remote authenticated attackers to access or modify unintended resources via crafted resource names embedded in URL paths.
Source: nvd
CVE-2025-54291 | MEDIUM | CVSS 6.9 | CWE-209 | Affected: ≥ 4.0.0, < 5.21.4; ≥ 6.1, < 6.5; +2 more | 2025-10-02
Information disclosure in images API in Canonical LXD before 6.5 and 5.21.4 on all platforms allows unauthenticated remote attackers to determine project existence via differing HTTP status code responses.
Source: nvd
CVE-2024-6156 | LOW | CVSS 3.8 | CWE-295 | Affected: ≥ 4.0.0, < 4.0.10; ≥ 5.0.0, < 5.0.4; +1 more | 2024-12-06
Mark Laing discovered that LXD's PKI mode, until version 5.21.2, could be bypassed if the client's certificate was present in the trust store.
Source: nvd