Lucene search
K

5 matches found

OSV
OSV
added 2026/05/07 1:9 p.m.2 views

CVE-2026-41685 Incus: Unbounded binary import disk exhaustion

Incus is a system container and virtual machine manager. Prior to version 7.0.0, uploads of large amount of data by authenticated users can run the Incus server out of disk space, potentially taking down the host system. The impact here is limited for anyone using storage.imagesvolume and...

4.3CVSS5.9AI score0.00333EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/01/22 9:45 p.m.3 views

CVE-2026-23954 Incus container image templating arbitrary host file read and write

Incus is a system container and virtual machine manager. Versions 6.21.0 and below allow a user with the ability to launch a container with a custom image e.g a member of the ‘incus’ group to use directory traversal or symbolic links in the templating functionality to achieve host arbitrary file...

8.7CVSS6.1AI score0.00731EPSS
Exploits1References5
EUVD
EUVD
added 2026/01/22 9:45 p.m.5 views

EUVD-2026-3803

Incus is a system container and virtual machine manager. Versions 6.21.0 and below allow a user with the ability to launch a container with a custom image e.g a member of the ‘incus’ group to use directory traversal or symbolic links in the templating functionality to achieve host arbitrary file...

8.7CVSS6AI score0.00731EPSS
Exploits1References6
Cvelist
Cvelist
added 2026/01/22 9:45 p.m.23 views

CVE-2026-23954 Incus container image templating arbitrary host file read and write

Incus is a system container and virtual machine manager. Versions 6.21.0 and below allow a user with the ability to launch a container with a custom image e.g a member of the ‘incus’ group to use directory traversal or symbolic links in the templating functionality to achieve host arbitrary file...

8.7CVSS0.00731EPSS
Exploits1References5
Github Security Blog
Github Security Blog
added 2026/01/22 8:26 p.m.9 views

Incus container image templating arbitrary host file read and write

Summary A user with the ability to launch a container with a custom image e.g a member of the ‘incus’ group can use directory traversal or symbolic links in the templating functionality to achieve host arbitrary file read, and host arbitrary file write, ultimately resulting in arbitrary command...

8.7CVSS6.2AI score0.00731EPSS
Exploits1References7Affected Software1
Rows per page
Query Builder