pkg:Go/github.com/lxc/incus

13 total CVEsCRITICAL3HIGH6MEDIUM3LOW1

✅ Check your installed version

All known vulnerabilities

  • CRITICAL9.9CVE-2026-33945Incus has an abitrary file write through its systemd-creds options in github.com/lxc/incus
    from 0
  • CRITICAL9.9CVE-2026-33897Incus vulnerable to arbitrary file read and write through pongo templates in github.com/lxc/incus
    from 0
  • CRITICAL9.9CVE-2026-33897Incus vulnerable to arbitrary file read and write through pongo templates in github.com/lxc/incus
    from 0, <= 0.7.0
  • HIGH8.8CVE-2026-33898Local Incus UI web server vulnerable to nuthentication bypass in github.com/lxc/incus
    from 0
  • HIGH8.7CVE-2026-23954Incus container image templating arbitrary host file read and write in github.com/lxc/incus
    from 0
  • HIGH8.7CVE-2026-23953Incus container environment configuration newline injection
    from 0
  • HIGH8.1CVE-2025-52890Incus creates nftables rules that partially bypass security options
    from 0
  • HIGH7.8CVE-2026-33711Incus vulnerable to local privilege escalation through VM screenshot path in github.com/lxc/incus
    from 0
  • HIGH7.8CVE-2025-64507Incus vulnerable to local privilege escalation through custom storage volumes
    from 0
  • MEDIUM6.5CVE-2026-33743Incus vulnerable to denial of source through crafted bucket backup file in github.com/lxc/incus
    from 0, <= 0.7.0
  • MEDIUM6.5CVE-2026-33743Incus vulnerable to denial of source through crafted bucket backup file in github.com/lxc/incus
    from 0
  • MEDIUM4.8CVE-2026-33542Incus does not verify combined fingerprint when downloading images from simplestreams servers in github.com/lxc/incus
    from 0
  • LOW3.4CVE-2025-52889Incus Allocation of Resources Without Limits allows firewall rule bypass on managed bridge networks
    from 0