Every CVE whose affected-product data names Canonical Lxd, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (22)
CVE-2026-34179 — CVSS 9.1 (critical): In Canonical LXD versions 4.12 through 6.7, the doCertificateUpdate function in lxd/certificates.go does not validate the Type field when…
CVE-2026-34177 — CVSS 9.1 (critical): Canonical LXD versions 4.12 through 6.7 contain an incomplete denylist in isVMLowLevelOptionForbidden (lxd/project/limits/permissions.go)…
CVE-2026-34178 — CVSS 9.1 (critical): In Canonical LXD before 6.8, the backup import path validates project restrictions against backup/index.yaml in the supplied tar archive…
CVE-2025-54286 — CVSS 8.8 (high): Cross-Site Request Forgery (CSRF) in LXD-UI in Canonical LXD versions >= 5.0 on Linux allows an attacker to create and start container…
CVE-2026-12411 — CVSS 8.4 (high): Broken Access Control in the devLXDInstancePatchHandler component of Canonical LXD allows an untrusted guest to mount, read, and overwrite…
CVE-2025-54289 — CVSS 8.1 (high): Privilege Escalation in operations API in Canonical LXD <6.5 on multiple platforms allows attacker with read permissions to hijack terminal…
CVE-2026-9640 — CVSS 7.2 (high): A privilege escalation vulnerability exists in LXD from 6.0 before 6.9, 5.21.0 before 5.21.5, and 5.0.0 before 5.0.7 regarding the handling…
CVE-2025-54288 — CVSS 6.8 (medium): Information Spoofing in devLXD Server in Canonical LXD versions 4.0 and above on Linux container platforms allows attackers with root…
CVE-2023-49721 — CVSS 6.7 (medium): An insecure default to allow UEFI Shell in EDK2 was left enabled in LXD. This allows an OS-resident attacker to bypass Secure Boot.
CVE-2023-48733 — CVSS 6.7 (medium): An insecure default to allow UEFI Shell in EDK2 was left enabled in Ubuntu's EDK2. This allows an OS-resident attacker to bypass Secure…
CVE-2025-54287 — CVSS 6.5 (medium): Template Injection in instance snapshot creation component in Canonical LXD (>= 4.0) allows an attacker with instance configuration…
CVE-2025-54293 — CVSS 6.5 (medium): Path Traversal in the log file retrieval function in Canonical LXD 5.0 LTS on Linux allows authenticated remote attackers to read arbitrary…
CVE-2026-9639 — CVSS 6.5 (medium): Nil-pointer dereference in CreateCustomVolumeFromBackup in LXD up to version 6.8 and 5.21 on Linux allows an authenticated user with…
CVE-2016-1581 — CVSS 5.5 (medium): LXD before 2.0.2 uses world-readable permissions for /var/lib/lxd/zfs.img when setting up a loop based ZFS pool, which allows local users…
CVE-2016-1582 — CVSS 5.5 (medium): LXD before 2.0.2 does not properly set permissions when switching an unprivileged container into privileged mode, which allows local users…
CVE-2025-54291 — CVSS 5.3 (medium): Information disclosure in images API in Canonical LXD before 6.5 and 5.21.4 on all platforms allows unauthenticated remote attackers to…
CVE-2025-54290 — CVSS 5.3 (medium): Information disclosure in image export API in Canonical LXD before 6.5 and 5.21.4 on Linux allows network attackers to determine project…
CVE-2026-28385 — CVSS 5.0 (medium): In Canonical LXD versions 4.12 through 6.9, a Server-Side Request Forgery (SSRF) vulnerability in the image import functionality allows…
CVE-2025-54292 — CVSS 4.6 (medium): Path traversal in Canonical LXD LXD-UI versions before 6.5 and 5.21.4 on all platforms allows remote authenticated attackers to access or…
CVE-2026-3351 — CVSS 4.3 (medium): Improper authorization in the API endpoint GET /1.0/certificates in Canonical LXD 6.6 on Linux allows an authenticated, restricted user to…
CVE-2024-6156 — CVSS 3.8 (low): Mark Laing discovered that LXD's PKI mode, until version 5.21.2, could be bypassed if the client's certificate was present in the trust…
CVE-2024-6219 — CVSS 3.8 (low): Mark Laing discovered in LXD's PKI mode, until version 5.21.1, that a restricted certificate could be added to the trust store with its…