Known Vulnerabilities for products from Linuxcontainers
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Linuxcontainers".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-41685 json | Incus is a system container and virtual machine manager. Prior to version 7.0.0, uploads of large amount of data by authentic... | Not Provided | 2026-05-07 | 2026-05-07 |
| CVE-2026-41684 json | Incus is a system container and virtual machine manager. Prior to version 7.0.0, backup.GetInfo() trusts the inline backup/in... | Not Provided | 2026-05-07 | 2026-05-07 |
| CVE-2026-41648 json | Incus is a system container and virtual machine manager. Prior to version 7.0.0, user provided image and backup tarballs woul... | Not Provided | 2026-05-07 | 2026-05-07 |
| CVE-2026-41647 json | Incus is a system container and virtual machine manager. Prior to version 7.0.0, a missing error handling could lead an authe... | Not Provided | 2026-05-07 | 2026-05-07 |
| CVE-2026-40251 json | Incus is a system container and virtual machine manager. In versions before 7.0.0, missing validation logic in the storage vo... | Not Provided | 2026-05-06 | 2026-05-07 |
| CVE-2026-40243 json | Incus is a system container and virtual machine manager. In versions before 7.0.0, broken TLS validation logic in the OVN dat... | Not Provided | 2026-05-06 | 2026-05-08 |
| CVE-2026-40197 json | Incus is a system container and virtual machine manager. In versions before 7.0.0, missing validation logic in the storage vo... | Not Provided | 2026-05-06 | 2026-05-07 |
| CVE-2026-40195 json | Incus is a system container and virtual machine manager. In versions before 7.0.0, missing validation logic in the storage bu... | Not Provided | 2026-05-06 | 2026-05-07 |
| CVE-2026-39402 json | lxc is a Linux container runtime. In the setuid helper lxc-user-nic, the delete path contains a logic flaw in the find_line()... | Not Provided | 2026-05-05 | 2026-05-12 |
| CVE-2026-35527 json | Incus is an open source container and virtual machine manager. In versions prior to 7.0.0, the image import flow issues an ou... | Not Provided | 2026-05-05 | 2026-05-07 |
| CVE-2026-33945 json | Incus is a system container and virtual machine manager. Incus instances have an option to provide credentials to systemd in ... | Not Provided | 2026-03-27 | 2026-04-01 |
| CVE-2026-33898 json | Incus is a system container and virtual machine manager. Prior to version 6.23.0, the web server spawned by `incus webui` inc... | Not Provided | 2026-03-27 | 2026-04-01 |
| CVE-2026-33897 json | Incus is a system container and virtual machine manager. Prior to version 6.23.0, instance template files can be used to caus... | Not Provided | 2026-03-26 | 2026-03-30 |
| CVE-2026-33743 json | Incus is a system container and virtual machine manager. Prior to version 6.23.0, a specially crafted storage bucket backup c... | Not Provided | 2026-03-26 | 2026-03-30 |
| CVE-2026-33711 json | Incus is a system container and virtual machine manager. Incus provides an API to retrieve VM screenshots. That API relies on... | Not Provided | 2026-03-26 | 2026-03-30 |
| CVE-2026-33542 json | Incus is a system container and virtual machine manager. Prior to version 6.23.0, a lack of validation of the image fingerpri... | Not Provided | 2026-03-26 | 2026-03-30 |
| CVE-2022-47952 json | lxc-user-nic in lxc through 5.0.1 is installed setuid root, and may allow local users to infer whether any file exists, even ... | 3.3 - LOW | 2023-01-01 | 2023-08-21 |
| CVE-2019-5736 json | runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary... | 8.6 - HIGH | 2019-02-11 | 2024-02-02 |
| CVE-2018-6556 json | lxc-user-nic when asked to delete a network interface will unconditionally open a user provided path. This code path may be u... | 3.3 - LOW | 2018-08-10 | 2019-05-31 |
| CVE-2017-18641 json | In LXC 2.0, many template scripts download code over cleartext HTTP, and omit a digital-signature check, before running it to... | 8.1 - HIGH | 2020-02-10 | 2020-02-12 |