| CVE-2026-33945 |
unknown |
— |
— |
|
|
|
2mo ago |
Incus is a system container and virtual machine manager. Incus instances have an option to provide credentials to systemd in the guest. For containers, this is handled through a shared directory. Pri… |
| CVE-2026-33898 |
unknown |
— |
— |
|
|
|
2mo ago |
Incus is a system container and virtual machine manager. Prior to version 6.23.0, the web server spawned by `incus webui` incorrectly validates the authentication token such that an invalid value wil… |
| CVE-2026-33897 |
unknown |
— |
— |
|
|
|
2mo ago |
Incus is a system container and virtual machine manager. Prior to version 6.23.0, instance template files can be used to cause arbitrary read or writes as root on the host server. Incus allows for po… |
| CVE-2026-33743 |
unknown |
— |
— |
|
|
|
2mo ago |
Incus is a system container and virtual machine manager. Prior to version 6.23.0, a specially crafted storage bucket backup can be used by an user with access to Incus' storage bucket feature to cras… |
| CVE-2026-33711 |
unknown |
— |
— |
|
|
|
2mo ago |
Incus is a system container and virtual machine manager. Incus provides an API to retrieve VM screenshots. That API relies on the use of a temporary file for QEMU to write the screenshot to which is … |
| CVE-2026-33542 |
unknown |
— |
— |
|
|
|
2mo ago |
Incus is a system container and virtual machine manager. Prior to version 6.23.0, a lack of validation of the image fingerprint when downloading from simplestreams image servers opens the door to ima… |
| CVE-2026-23954 |
unknown |
— |
— |
|
|
|
4mo ago |
Incus is a system container and virtual machine manager. Versions 6.21.0 and below allow a user with the ability to launch a container with a custom image (e.g a member of the ‘incus’ group) to use d… |
| CVE-2026-23953 |
unknown |
— |
— |
|
|
|
4mo ago |
Incus is a system container and virtual machine manager. In versions 6.20.0 and below, a user with the ability to launch a container with a custom YAML configuration (e.g a member of the ‘incus’ grou… |
| CVE-2025-64507 |
unknown |
— |
— |
|
|
|
7mo ago |
Incus is a system container and virtual machine manager. An issue in versions prior to 6.0.6 and 6.19.0 affects any Incus user in an environment where an unprivileged user may have root access to a c… |
| CVE-2025-52890 |
unknown |
— |
— |
|
|
|
11mo ago |
Incus is a system container and virtual machine manager. When using an ACL on a device connected to a bridge, Incus versions 6.12 and 6.13generates nftables rules that partially bypass security optio… |
| CVE-2025-52889 |
unknown |
— |
— |
|
|
|
11mo ago |
Incus is a system container and virtual machine manager. When using an ACL on a device connected to a bridge, Incus version 6.12 and 6.13 generates nftables rules for local services (DHCP, DNS...) th… |