2 matches found
PT-2026-31597
Name of the Vulnerable Software and Affected Versions Canonical LXD versions 4.12 through 6.7 Description Canonical LXD versions 4.12 through 6.7 contain a flaw in the doCertificateUpdate function within lxd/certificates.go. This function fails to validate the Type field when processing PUT or...
CVE-2026-3351 Authorization Bypass in LXD GET /1.0/certificates Endpoint
Improper authorization in the API endpoint GET /1.0/certificates in Canonical LXD 6.6 on Linux allows an authenticated, restricted user to enumerate all certificate fingerprints trusted by the lxd server...