Vulnerabilities in lxc
22 resultsCVE-2026-23954HIGHIncus container image templating arbitrary host file read and writeEPSS 0.7%CVE-2026-33897CRITICALIncus vulnerable to arbitrary file read and write through pongo templatesEPSS 0.5%CVE-2026-23953HIGHIncus container environment configuration newline injectionEPSS 0.5%CVE-2026-33945CRITICALAbitrary file write through systemd-creds optionEPSS 0.4%CVE-2026-40251HIGHIncus out-of-bounds panic in snapshot metadata handling allows denial of serviceEPSS 0.4%CVE-2026-41684MEDIUMIncus: Nil Dereferences on Restore via Malformed YAMLEPSS 0.4%CVE-2026-40195HIGHIncus nil-pointer dereference in storage bucket import allows denial of serviceEPSS 0.4%CVE-2026-41647MEDIUMIncus: Nil-Pointer Dereference via S3 Bucket ImportEPSS 0.4%CVE-2026-33743MEDIUMIncus vulnerable to denial of source through crafted bucket backup fileEPSS 0.4%CVE-2026-33711MEDIUMIncus vulnerable to local privilege escalation through VM screenshot pathEPSS 0.4%CVE-2026-33898HIGHLocal Incus UI web server vulnerable to nuthentication bypassEPSS 0.3%CVE-2026-41685MEDIUMIncus: Unbounded binary import disk exhaustionEPSS 0.3%CVE-2026-40197HIGHIncus nil-pointer dereference in custom volume import allows denial of serviceEPSS 0.3%CVE-2026-35527MEDIUMIncus blind SSRF via image import preflight HEAD requestEPSS 0.3%CVE-2026-41648MEDIUMIncus: Unbounded YAML Metadata Decode via ParsingEPSS 0.3%CVE-2025-52889LOWIncus vulnerable to DoS through antispoofing nftables firewall rule bypass on bridge networks with ACLsEPSS 0.2%CVE-2025-52890HIGHIncus vulnerable to antispoofing nftables firewall rule bypass on bridge networks with ACLsEPSS 0.2%CVE-2026-33542MEDIUMIncus does not verify combined fingerprint when downloading images from simplestreams serversEPSS 0.2%CVE-2026-40243LOWIncus OVN TLS verification accepts peer-supplied roots and permits endpoint impersonationEPSS 0.2%CVE-2026-39402MEDIUMlxc lxc-user-nic insufficient ownership validation allows cross-tenant OVS port deletionEPSS 0.2%