| CVE-2026-41684 |
medium |
6.5 |
6.5 |
|
|
|
28d ago |
Incus is a system container and virtual machine manager. Prior to version 7.0.0, backup.GetInfo() trusts the inline backup/index.yaml config when present and only falls back to parsing the legacy bac… |
| CVE-2026-41647 |
medium |
6.5 |
6.5 |
|
|
|
28d ago |
Incus is a system container and virtual machine manager. Prior to version 7.0.0, a missing error handling could lead an authenticated Incus user to cause a daemon crash through the import of a trunca… |
| CVE-2026-40251 |
medium |
6.5 |
6.5 |
|
|
|
29d ago |
Incus is a system container and virtual machine manager. In versions before 7.0.0, missing validation logic in the storage volume import logic allows an authenticated user with access to the storage … |
| CVE-2026-40197 |
medium |
6.5 |
6.5 |
|
|
|
29d ago |
Incus is a system container and virtual machine manager. In versions before 7.0.0, missing validation logic in the storage volume import logic allows an authenticated user with access to the storage … |
| CVE-2026-40195 |
medium |
6.5 |
6.5 |
|
|
|
29d ago |
Incus is a system container and virtual machine manager. In versions before 7.0.0, missing validation logic in the storage bucket import logic allows an authenticated user with access to the storage … |
| CVE-2026-41648 |
medium |
5.0 |
5.0 |
|
|
|
28d ago |
Incus is a system container and virtual machine manager. Prior to version 7.0.0, user provided image and backup tarballs would be unpacked and YAML files parsed without any size restrictions. This wa… |
| CVE-2026-35527 |
medium |
5.0 |
5.0 |
|
|
|
1mo ago |
Incus is an open source container and virtual machine manager. In versions prior to 7.0.0, the image import flow issues an outbound HEAD request to a user-supplied URL before validating the request a… |
| CVE-2026-40243 |
medium |
4.8 |
4.8 |
|
|
|
29d ago |
Incus is a system container and virtual machine manager. In versions before 7.0.0, broken TLS validation logic in the OVN database connection logic can allow connections to an attacker's OVN database… |
| CVE-2026-41685 |
medium |
4.3 |
4.3 |
|
|
|
28d ago |
Incus is a system container and virtual machine manager. Prior to version 7.0.0, uploads of large amount of data by authenticated users can run the Incus server out of disk space, potentially taking … |
| CVE-2026-23954 |
unknown |
— |
— |
|
|
|
4mo ago |
Incus is a system container and virtual machine manager. Versions 6.21.0 and below allow a user with the ability to launch a container with a custom image (e.g a member of the ‘incus’ group) to use d… |
