Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

Linux Distros Unpatched Vulnerability : CVE-2026-28384

🗓️ 16 Mar 2026 00:00:00Reported by TenableType 
nessus
 nessus🔗 www.tenable.com👁 1 Views

Unpatched LXD allows authenticated users to run commands as daemon via image and backup APIs.

Related
Refs
Code
ReporterTitlePublishedViews
Family
ATTACKERKB		CVE-2026-28384
12 Mar 202614:51
attackerkb
AlpineLinux		CVE-2026-28384
12 Mar 202614:51
alpinelinux
Circl		CVE-2026-28384
12 Mar 202615:47
circl
CNNVD		LXD 安全漏洞
12 Mar 202600:00
cnnvd
CVE		CVE-2026-28384
12 Mar 202614:51
cve
Cvelist		CVE-2026-28384 Authenticated RCE via unsanitized compression_algorithm
12 Mar 202614:51
cvelist
Debian		[BSA-129] Security Update for incus
30 Mar 202612:51
debian
Debian		[SECURITY] [DSA 6184-1] incus security update
29 Mar 202614:21
debian
Debian		[SECURITY] [DSA 6188-1] lxd security update
31 Mar 202620:52
debian
Debian CVE		CVE-2026-28384
12 Mar 202614:51
debiancve
Rows per page
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(302534);
  script_version("1.3");
  script_set_attribute(attribute:"plugin_modification_date", value:"2026/03/29");

  script_cve_id("CVE-2026-28384");

  script_name(english:"Linux Distros Unpatched Vulnerability : CVE-2026-28384");

  script_set_attribute(attribute:"synopsis", value:
"The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be
patched.");
  script_set_attribute(attribute:"description", value:
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied
patch available.

  - An improper sanitization of the compression_algorithm parameter in Canonical LXD allows an authenticated,
    unprivileged user to execute commands as the LXD daemon on the LXD server via API calls to the image and
    backup endpoints. This issue affected LXD from 4.12 through 6.6 and was fixed in the snap versions
    5.0.6-e49d9f4 (channel 5.0/stable), 5.21.4-1374f39 (channel 5.21/stable), and 6.7-1f11451 (channel 6.0
    stable). The channel 4.0/stable is not affected as it contains version 4.0.10. (CVE-2026-28384)

Note that Nessus relies on the presence of the package as reported by the vendor.");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2026-28384");
  script_set_attribute(attribute:"solution", value:
"There is no known solution at this time.");
  script_set_attribute(attribute:"agent", value:"unix");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:C/I:N/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:U/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:U/RC:C");
  script_set_attribute(attribute:"cvss4_vector", value:"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H");
  script_set_attribute(attribute:"cvss4_threat_vector", value:"CVSS:4.0/E:U");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2026-28384");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_set_attribute(attribute:"vendor_unpatched", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2026/03/12");
  script_set_attribute(attribute:"plugin_publication_date", value:"2026/03/16");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:12.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:13.0");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:lxd");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Misc.");

  script_copyright(english:"This script is Copyright (C) 2026 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info2.nasl", "set_linux_os_id.nasl");
  script_require_keys("Host/cpu", "Host/local_checks_enabled", "global_settings/vendor_unpatched", "Host/OS/identifier");
  script_require_ports("Host/OS/Debian Linux-12", "Host/OS/Debian Linux-13");

  exit(0);
}

if (!get_kb_item("global_settings/vendor_unpatched")) exit(0, "Unpatched Vulnerabilities Detection not active.");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (empty_or_null(get_one_kb_item("Host/Debian/dpkg-l"))) audit(AUDIT_PACKAGE_LIST_MISSING);

include('linux_unpatched.inc');

var distro_constraints_array = {
  "Debian Linux-12": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "12",
        "pkgs": [
          {"reference": "lxd"},
          {"reference": "lxd-agent"},
          {"reference": "lxd-client"},
          {"reference": "lxd-migrate"},
          {"reference": "lxd-tools"}
        ]
      }
    ]
  },
  "Debian Linux-13": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "13",
        "pkgs": [
          {"reference": "golang-github-canonical-lxd-dev"},
          {"reference": "lxd"},
          {"reference": "lxd-agent"},
          {"reference": "lxd-client"},
          {"reference": "lxd-migrate"},
          {"reference": "lxd-tools"}
        ]
      }
    ]
  }
};

var distro_constraints_values = linux_unpatched::get_distro_constraints(distro_constraints_arr:distro_constraints_array);
if (empty_or_null(distro_constraints_values)) audit(AUDIT_HOST_NOT, 'affected');
var report = linux_unpatched::check_unpatched_constraints(distro_constraints_values:distro_constraints_values);

if (!empty_or_null(report))
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : report
  );
  exit(0);
}
else
{
  audit(AUDIT_HOST_NOT, 'affected');
}

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
29 Mar 2026 00:00Current
6Medium risk
Vulners AI Score6
CVSS 49.4
EPSS0.00253
SSVC
lxd vulnerabilityauthenticated accessimage apibackup apilinux vulnerability
1