Lucene search
K

4 matches found

EUVD
EUVD
added 2026/06/26 3:27 p.m.10 views

EUVD-2026-39788

Broken Access Control in the devLXDInstancePatchHandler component of Canonical LXD allows an untrusted guest to mount, read, and overwrite another guest's custom storage volume via a crafted device PATCH request over /dev/lxd when security.devlxd.management.volumes is enabled...

8.4CVSS5.8AI score0.00209EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/06/26 3:27 p.m.40 views

CVE-2026-12411 Broken Access Control in Canonical LXD DevLXD API

Broken Access Control in the devLXDInstancePatchHandler component of Canonical LXD allows an untrusted guest to mount, read, and overwrite another guest's custom storage volume via a crafted device PATCH request over /dev/lxd when security.devlxd.management.volumes is enabled...

8.4CVSS0.00209EPSS
Exploits1References2
CVE
CVE
added 2026/06/26 3:27 p.m.20 views

CVE-2026-12411

CVE-2026-12411 concerns Canonical LXD where the devLXDInstancePatchHandler component suffers a broken access control, allowing an untrusted guest to mount, read, and overwrite another guest’s custom storage volume via a crafted device PATCH to /dev/lxd when security.devlxd.management.volumes is e...

9.6CVSS5.8AI score0.00209EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.11 views

PT-2026-52840

Name of the Vulnerable Software and Affected Versions Canonical LXD affected versions not specified Description Broken Access Control in the devLXDInstancePatchHandler component allows an untrusted guest to mount, read, and overwrite the custom storage volume of another guest. This is achieved by...

9.6CVSS5.9AI score0.00209EPSS
Exploits1References4
Rows per page
Query Builder