112 matches found
CVE-2026-28385
In Canonical LXD versions 4.12 through 6.9, a Server-Side Request Forgery SSRF vulnerability in the image import functionality allows authenticated users with the cancreateimages entitlement to interact with internal network infrastructure via the /images endpoint. When importing an image from a...
CVE-2026-28385 SSRF via image import from URL allows internal network probing by authenticated users
In Canonical LXD versions 4.12 through 6.9, a Server-Side Request Forgery SSRF vulnerability in the image import functionality allows authenticated users with the cancreateimages entitlement to interact with internal network infrastructure via the /images endpoint. When importing an image from a...
CVE-2026-28385
CVE-2026-28385 : Canonical LXD 4.12–6.9 contains an SSRF in image import from URL sources. Authenticated users with the can_create_images entitlement can leverage the /images endpoint to trigger outbound requests from the LXD daemon, failing to validate or restrict destinations. This allows conta...
EUVD-2026-39805
In Canonical LXD versions 4.12 through 6.9, a Server-Side Request Forgery SSRF vulnerability in the image import functionality allows authenticated users with the cancreateimages entitlement to interact with internal network infrastructure via the /images endpoint. When importing an image from a...
CVE-2026-28385
In Canonical LXD versions 4.12 through 6.9, a Server-Side Request Forgery SSRF vulnerability in the image import functionality allows authenticated users with the cancreateimages entitlement to interact with internal network infrastructure via the /images endpoint. When importing an image from a...
CVE-2026-28385
In Canonical LXD versions 4.12 through 6.9, a Server-Side Request Forgery SSRF vulnerability in the image import functionality allows authenticated users with the cancreateimages entitlement to interact with internal network infrastructure via the /images endpoint. When importing an image from a...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the group parsing process. An attacker can cause memory exhaustion and disrupt the container runtime API by supplying a maliciously crafted image that triggers unbounded parsing,...
CVE-2026-7542
The Slider Revolution plugin for WordPress is vulnerable to Sensitive Information Disclosure in versions 7.0 to 7.0.10. This is due to three compounding design flaws: 1 the plugin leaks a valid backend AJAX nonce revslideractions to all authenticated users including Subscribers via the adminfoote...
CVE-2026-7542 Slider Revolution 7.0 - 7.0.10 - Authenticated (Subscriber+) Sensitive Information Disclosure
The Slider Revolution plugin for WordPress is vulnerable to Sensitive Information Disclosure in versions 7.0 to 7.0.10. This is due to three compounding design flaws: 1 the plugin leaks a valid backend AJAX nonce revslideractions to all authenticated users including Subscribers via the adminfoote...
Astra Linux – Vulnerability in Containerd
Containerd is an open-source container runtime. Prior to versions 1.6.18 and 1.5.18, when importing an OCI image, there was no limit on the number of bytes read for certain files. A maliciously crafted image with a large file where no limit was applied could cause a denial of service. This bug ha...
Server-side Request Forgery (SSRF)
Overview apostrophe is a content management system CMS for Node.js. It supports in-context editing, schema-driven content types, flexible widgets and a great deal more. This module contains everything necessary to build a website with ApostropheCMS. Affected versions of this package are vulnerabl...
PT-2026-41154
Name of the Vulnerable Software and Affected Versions ApostropheCMS versions prior to 4.29.1 Description An authenticated server-side request forgery SSRF exists in the rich-text widget import flow. An authenticated user with permissions to submit or edit rich-text widget content can force the...
CVE-2026-35527
A flaw was found in Incus, an open-source container and virtual machine manager. An authenticated user can exploit this vulnerability by supplying a malicious URL during the image import process. Before project restrictions are applied, Incus makes a blind HEAD request to the user-supplied URL,...
SUSE CVE-2026-35527
Incus is an open source container and virtual machine manager. In versions prior to 7.0.0, the image import flow issues an outbound HEAD request to a user-supplied URL before validating the request against project restrictions such as restricted.images.servers. The imgPostURLInfo function...
CVE-2026-35527
Incus is an open source container and virtual machine manager. In versions prior to 7.0.0, the image import flow issues an outbound HEAD request to a user-supplied URL before validating the request against project restrictions such as restricted.images.servers. The imgPostURLInfo function...
CVE-2026-35527 Incus blind SSRF via image import preflight HEAD request
Incus is an open source container and virtual machine manager. In versions prior to 7.0.0, the image import flow issues an outbound HEAD request to a user-supplied URL before validating the request against project restrictions such as restricted.images.servers. The imgPostURLInfo function...
CVE-2026-35527
Incus (pre-7.0.0) is vulnerable to a blind SSRF via image import preflight HEAD requests. An authenticated user can coerce the daemon to issue a host-originated HEAD request to a user-supplied URL before policy checks complete, exposing server metadata in headers (Incus-Server-Architectures, Incu...
CVE-2026-35527 Incus blind SSRF via image import preflight HEAD request
Incus is an open source container and virtual machine manager. In versions prior to 7.0.0, the image import flow issues an outbound HEAD request to a user-supplied URL before validating the request against project restrictions such as restricted.images.servers. The imgPostURLInfo function...
CVE-2026-35527
Incus is an open source container and virtual machine manager. In versions prior to 7.0.0, the image import flow issues an outbound HEAD request to a user-supplied URL before validating the request against project restrictions such as restricted.images.servers. The imgPostURLInfo function...
CVE-2026-35527
Incus is an open source container and virtual machine manager. In versions prior to 7.0.0, the image import flow issues an outbound HEAD request to a user-supplied URL before validating the request against project restrictions such as restricted.images.servers. The imgPostURLInfo function...