CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

13 matches found

SUSE CVE•added 2026/03/28 12:25 a.m.•5 views

SUSE CVE-2026-33542

Incus is a system container and virtual machine manager. Prior to version 6.23.0, a lack of validation of the image fingerprint when downloading from simplestreams image servers opens the door to image cache poisoning and under very narrow circumstances exposes other tenants to running attacker...

6.4CVSS5.8AI score0.0018EPSS

Exploits1References3

OSV•added 2026/03/27 5:8 p.m.•0 views

GHSA-P8MM-23GG-JC9R Incus does not verify combined fingerprint when downloading images from simplestreams servers

Summary A lack of validation of the image fingerprint when downloading from simplestreams image servers opens the door to image cache poisoning and under very narrow circumstances exposes other tenants to running attacker controlled images rather than the expected one. Details Incus image...

7CVSS5.8AI score0.0018EPSS

Exploits1References8

Github Security Blog•added 2026/03/27 5:8 p.m.•8 views

Incus does not verify combined fingerprint when downloading images from simplestreams servers

7.1CVSS5.8AI score0.0018EPSS

Exploits1References8Affected Software1

Tenable Nessus•added 2026/03/27 12:0 a.m.•1 views

Linux Distros Unpatched Vulnerability : CVE-2026-33542

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incus is a system container and virtual machine manager. Prior to version 6.23.0, a lack of validation of the image fingerprint when downloading from...

7.1CVSS5.8AI score0.0018EPSS

Exploits1References2

RedhatCVE•added 2026/03/26 11:21 p.m.•2 views

CVE-2026-33542

A flaw was found in Incus, a system container and virtual machine manager. A remote attacker could exploit a lack of validation of image fingerprints when downloading from simplestreams image servers. This vulnerability, under specific conditions, could lead to image cache poisoning, allowing an...

7.1CVSS5.8AI score0.0018EPSS

Exploits1References4

NVD•added 2026/03/26 11:16 p.m.•2 views

CVE-2026-33542

7.1CVSS0.0018EPSS

Exploits1References1

UbuntuCve•added 2026/03/26 11:16 p.m.•5 views

CVE-2026-33542

7.1CVSS5.9AI score0.0018EPSS

Exploits1References3

OSV•added 2026/03/26 11:16 p.m.•1 views

UBUNTU-CVE-2026-33542

7.1CVSS5.8AI score0.0018EPSS

Exploits1References4

AlpineLinux•added 2026/03/26 10:32 p.m.•2 views

CVE-2026-33542

7.1CVSS5.8AI score0.0018EPSS

Exploits1References1

Vulnrichment•added 2026/03/26 10:32 p.m.•0 views

CVE-2026-33542 Incus does not verify combined fingerprint when downloading images from simplestreams servers

7.1CVSS5.8AI score0.0018EPSS

Exploits1References1

Cvelist•added 2026/03/26 10:32 p.m.•23 views

CVE-2026-33542 Incus does not verify combined fingerprint when downloading images from simplestreams servers

7.1CVSS0.0018EPSS

Exploits1References1

CNNVD•added 2026/03/26 12:0 a.m.•7 views

Incus 信任管理问题漏洞

Incus is a system container and virtual machine manager developed by LXC. Versions of Incus prior to 6.23.0 had a vulnerability related to trust management. This vulnerability stemmed from the lack of image fingerprint verification during the download from the simplestreams image server, which...

7.1CVSS5.8AI score0.0018EPSS

Exploits1References2

Positive Technologies•added 2026/01/01 12:0 a.m.•10 views

PT-2026-28494

Name of the Vulnerable Software and Affected Versions Incus versions prior to 6.23.0 Description Incus lacks validation of the image fingerprint when downloading from simplestreams image servers. This can lead to image cache poisoning, potentially allowing an attacker to provide a compromised ima...

9.9CVSS5.9AI score0.00481EPSS

Exploits3References29

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by