CVE-2026-33898
CVE-2026-33898 affects the Incus web UI local web server. Prior to v6.23.0, the server incorrectly validates the authentication token when provided in the URL, while the cookie stores the token correctly. An attacker who can access the temporary localhost web server can gain the same access as th...