5 matches found
CVE-2026-3351
Improper authorization in the API endpoint GET /1.0/certificates in Canonical LXD 6.6 on Linux allows an authenticated, restricted user to enumerate all certificate fingerprints trusted by the lxd server...
CVE-2026-3351 Authorization Bypass in LXD GET /1.0/certificates Endpoint
Improper authorization in the API endpoint GET /1.0/certificates in Canonical LXD 6.6 on Linux allows an authenticated, restricted user to enumerate all certificate fingerprints trusted by the lxd server...
CVE-2026-3351 Authorization Bypass in LXD GET /1.0/certificates Endpoint
Improper authorization in the API endpoint GET /1.0/certificates in Canonical LXD 6.6 on Linux allows an authenticated, restricted user to enumerate all certificate fingerprints trusted by the lxd server...
CVE-2026-3351
CVE-2026-3351 : In Canonical LXD 6.6 on Linux, an improper authorization flaw in the API endpoint GET /1.0/certificates lets an authenticated, restricted user enumerate all certificate fingerprints trusted by the LXD server. The CVSS score is 5.3 (Medium); attack vector is network, with low attac...
PT-2026-6560
Name of the Vulnerable Software and Affected Versions Axigen Mail Server versions prior to 10.5.57 Description Axigen Mail Server contains an improper access control issue in the WebAdmin interface. A delegated admin account with no permissions can bypass access control checks and gain unauthoriz...