ROS-20260420-73-0044

Vulnerability in incus related to a flaw in the authentication procedure. Exploitation of the vulnerability could allow an attacker acting remotely to escalate his privileges...

ROS-20260420-73-0043

Vulnerability in incus related to incorrect path name restriction to a restricted directory. Exploitation of the vulnerability may allow a remote attacker to gain unauthorized access to protected information...

Debian dsa-6212 : golang-github-lxc-incus-dev - security update

The remote Debian 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6212 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6212-1 [email protected] https://www.debian.org/securit...

Fedora 43 : incus (2026-094b7621cf)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-094b7621cf advisory. Remove incus dependency from incus-agent. ---- Update to 6.23 Tenable has extracted the preceding description block directly from the Fedora securit...

Fedora 42 : incus (2026-4481307278)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-4481307278 advisory. Remove incus dependency from incus-agent. ---- Update to 6.23 Tenable has extracted the preceding description block directly from the Fedora securit...

Debian: Security Advisory (DSA-6212-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DSA 6212-1] incus security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6212-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 15, 2026 https://www.debian.org/security/faq -...

GO-2026-4881 Incus vulnerable to arbitrary file read and write through pongo templates in github.com/lxc/incus

Incus vulnerable to arbitrary file read and write through pongo templates in github.com/lxc/incus...

GO-2026-4882 Incus does not verify combined fingerprint when downloading images from simplestreams servers in github.com/lxc/incus

Incus does not verify combined fingerprint when downloading images from simplestreams servers in github.com/lxc/incus...

GO-2026-4879 Local Incus UI web server vulnerable to nuthentication bypass in github.com/lxc/incus

Local Incus UI web server vulnerable to nuthentication bypass in github.com/lxc/incus...

GO-2026-4885 Incus vulnerable to local privilege escalation through VM screenshot path in github.com/lxc/incus

Incus vulnerable to local privilege escalation through VM screenshot path in github.com/lxc/incus...

GO-2026-4886 Incus vulnerable to denial of source through crafted bucket backup file in github.com/lxc/incus

Incus vulnerable to denial of source through crafted bucket backup file in github.com/lxc/incus...

GO-2026-4884 Incus has an abitrary file write through its systemd-creds options in github.com/lxc/incus

Incus has an abitrary file write through its systemd-creds options in github.com/lxc/incus...

Incus does not verify combined fingerprint when downloading images from simplestreams servers

...

incus-6.23-1.1 on GA media (moderate)

incus-6.23-1.1 on GA media Announcement ID: openSUSE-SU-2026:10450-1 Rating: moderate Cross-References: CVE-2026-33542 CVE-2026-33711 CVE-2026-33743 CVE-2026-33897 CVE-2026-33898 CVE-2026-33945 CVSS scores: CVE-2026-33542 SUSE : 6.4 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:N CVE-2026-33897 SUSE...

[BSA-129] Security Update for incus

Mathias Gibbens uploaded new packages for incus which fixed the following security problems: CVE ID : CVE-2026-28384 CVE-2026-33542 CVE-2026-33743 CVE-2026-33897 Multiple security issues were discovered in Incus, a system container and virtual machine manager, which could result in denial of...

Debian: Security Advisory (DSA-6184-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DSA 6184-1] incus security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6184-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff March 29, 2026 https://www.debian.org/security/faq -...

Debian dsa-6184 : golang-github-lxc-incus-dev - security update

The remote Debian 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6184 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6184-1 [email protected] https://www.debian.org/securit...

DSA-6184-1 incus - security update

Bulletin has no description...