Canonical Lxd


Recent Canonical Lxd Security Advisories

Advisory Title Published
USN-8447-2 USN-8447-2: LXD vulnerabilities June 18, 2026
USN-8089-3 USN-8089-3: ADSys, Juju Core, LXD vulnerabilities April 7, 2026
USN-6738-1 USN-6738-1: LXD vulnerability April 22, 2024

By the Year

In 2026 there have been 9 vulnerabilities in Canonical Lxd with an average score of 7.8 out of ten. Last year, in 2025, Lxd had 8 security vulnerabilities published. That is, 1 more vulnerability has already been reported in 2026 than in all of last year.

Year  Vulnerabilities  Average Score
2026  9                7.77
2025  8                0.00
2024  1                0.00
2023  1                6.40

It may take a day or so for new Lxd vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally, vulnerabilities may be tagged under a different product or component name.

Recent Canonical Lxd Security Vulnerabilities

SSRF in LXD 4.12-6.9 Image Import /images Endpoint Allows Internal Access
CVE-2026-28385 5 - Medium - June 26, 2026

In Canonical LXD versions 4.12 through 6.9, a Server-Side Request Forgery (SSRF) vulnerability in the image import functionality allows authenticated users with the can_create_images entitlement to interact with internal network infrastructure via the /images endpoint. When importing an image from a URL source, the LXD daemon fails to validate or restrict outbound destination IP addresses, allowing connections to loopback, RFC1918 private ranges, and cloud metadata endpoints. This enables error-based port scanning and unauthorized interaction with internal HTTP services from the daemon's network position.

SSRF

LXD <=6.9 PrivEsc via Malicious Snapshot (Project Reverse Policy)
CVE-2026-9640 7.2 - High - June 26, 2026

A privilege escalation vulnerability exists in LXD from 6.0 before 6.9, 5.21.0 before 5.21.5, and 5.0.0 before 5.0.7 regarding the handling of project-restriction policies during snapshot restoration. An authenticated project operator in a restricted multi-tenant environment can bypass policy restrictions by importing a maliciously crafted instance backup containing restricted configuration keys within a snapshot. When the snapshot is restored, these restricted keys are applied to the live instance without policy validation. Starting the modified instance grants the operator unauthorized host root access.

AuthZ

Nil-Pointer Dereference CreateCustomVolumeFromBackup in LXD <6.8 / 5.21 (DoS)
CVE-2026-9639 6.5 - Medium - June 26, 2026

Nil-pointer dereference in CreateCustomVolumeFromBackup in LXD up to version 6.8 and 5.21 on Linux allows an authenticated user with can_create_storage_volumes permissions to cause a denial of service via a specially crafted custom-volume backup tarball that omits the expires_at snapshot field.

NULL Pointer Dereference

LXD devLXDInstancePatchHandler BAS via PATCH CVE-2026-12411
CVE-2026-12411 8.4 - High - June 26, 2026

Broken Access Control in the devLXDInstancePatchHandler component of Canonical LXD allows an untrusted guest to mount, read, and overwrite another guest's custom storage volume via a crafted device PATCH request over /dev/lxd when security.devlxd.management.volumes is enabled.

Insecure Direct Object Reference / IDOR

Canonical LXD 4.12-6.7: Type Field Bypass Admin Escalation (CVE-2026-34179)
CVE-2026-34179 9.1 - Critical - April 09, 2026

In Canonical LXD versions 4.12 through 6.7, the doCertificateUpdate function in lxd/certificates.go does not validate the Type field when handling PUT/PATCH requests to /1.0/certificates/{fingerprint} for restricted TLS certificate users, allowing a remote authenticated attacker to escalate privileges to cluster admin.

Mass Assignment

LXD <6.8 backup import: Project restriction bypass (CVE-2026-34178)
CVE-2026-34178 9.1 - Critical - April 09, 2026

In Canonical LXD before 6.8, the backup import path validates project restrictions against backup/index.yaml in the supplied tar archive but creates the instance from backup/container/backup.yaml, a separate file in the same archive that is never checked against project restrictions. An authenticated remote attacker with instance-creation permission in a restricted project can craft a backup archive where backup.yaml carries restricted settings such as security.privileged=true or raw.lxc directives, bypassing all project restriction enforcement and allowing full host compromise.

Improper Input Validation

LXD 4.12-6.7 PrivEsc: Missing denylist for raw.apparmor & raw.qemu.conf in isVMLowLevelOptionForbidden
CVE-2026-34177 9.1 - Critical - April 09, 2026

Canonical LXD versions 4.12 through 6.7 contain an incomplete denylist in isVMLowLevelOptionForbidden (lxd/project/limits/permissions.go), which omits raw.apparmor and raw.qemu.conf from the set of keys blocked under the restricted.virtual-machines.lowlevel=block project restriction. A remote attacker with can_edit permission on a VM instance in a restricted project can inject an AppArmor rule and a QEMU chardev configuration that bridges the LXD Unix socket into the guest VM, enabling privilege escalation to LXD cluster administrator and subsequently to host root.

Denylist / Deny List

LXD 4.12-6.6 Improper sanitization of compression_algorithm allows exec
CVE-2026-28384 - March 12, 2026

An improper sanitization of the compression_algorithm parameter in Canonical LXD allows an authenticated, unprivileged user to execute commands as the LXD daemon on the LXD server via API calls to the image and backup endpoints. This issue affected LXD from 4.12 through 6.6 and was fixed in the snap versions 5.0.6-e49d9f4 (channel 5.0/stable), 5.21.4-1374f39 (channel 5.21/stable), and 6.7-1f11451 (channel 6.0 stable). The channel 4.0/stable is not affected as it contains version 4.0.10.

Shell injection

LXD 6.6 ImpAuth: Enumerate Cert FP via GET /1.0/certificates
CVE-2026-3351 - March 03, 2026

Improper authorization in the API endpoint GET /1.0/certificates in Canonical LXD 6.6 on Linux allows an authenticated, restricted user to enumerate all certificate fingerprints trusted by the lxd server.

AuthZ

Canonical LXD 5.0 LTS Log Retrieval Path Traversal
CVE-2025-54293 - October 02, 2025

Path Traversal in the log file retrieval function in Canonical LXD 5.0 LTS on Linux allows authenticated remote attackers to read arbitrary files on the host system via crafted log file names or symbolic links.

Directory traversal

Path Traversal in Canonical LXD-UI <6.5 / <5.21.4 (auth)
CVE-2025-54292 - October 02, 2025

Path traversal in Canonical LXD LXD-UI versions before 6.5 and 5.21.4 on all platforms allows remote authenticated attackers to access or modify unintended resources via crafted resource names embedded in URL paths.

Directory traversal

Info Disclosure: LXD Images API (6.5/5.21.4) Unauth Project Disclosure
CVE-2025-54291 - October 02, 2025

Information disclosure in images API in Canonical LXD before 6.5 and 5.21.4 on all platforms allows unauthenticated remote attackers to determine project existence via differing HTTP status code responses.

Generation of Error Message Containing Sensitive Information

Info Disclosure in Canonical LXD Image Export API (pre-6.5/5.21.4)
CVE-2025-54290 - October 02, 2025

Information disclosure in image export API in Canonical LXD before 6.5 and 5.21.4 on Linux allows network attackers to determine project existence without authentication via crafted requests using wildcard fingerprints.

Information Disclosure

LXD 6.5 Priv Esc via Ops API WS Hijack
CVE-2025-54289 - October 02, 2025

Privilege Escalation in operations API in Canonical LXD <6.5 on multiple platforms allows an attacker with read permissions to hijack terminal or console sessions and execute arbitrary commands via WebSocket connection hijacking.

1385

Information Spoofing in Canonical LXD 4.0+ via devLXD Server
CVE-2025-54288 - October 02, 2025

Information Spoofing in devLXD Server in Canonical LXD versions 4.0 and above on Linux container platforms allows attackers with root privileges within any container to impersonate other containers and obtain their metadata, configuration, and device information via spoofed process names in the command line.

Authentication Bypass by Spoofing

Template Injection in Canonical LXD 4.0+ Snapshot via Pongo2
CVE-2025-54287 - October 02, 2025

Template Injection in instance snapshot creation component in Canonical LXD (>= 4.0) allows an attacker with instance configuration permissions to read arbitrary files on the host system via specially crafted snapshot pattern templates using the Pongo2 template engine.

1336

CSRF in LXD-UI (5.0) Allows Unauthed Container Creation
CVE-2025-54286 - October 02, 2025

Cross-Site Request Forgery (CSRF) in LXD-UI in Canonical LXD versions >= 5.0 on Linux allows an attacker to create and start container instances without user consent via crafted HTML form submissions exploiting client certificate authentication.

Session Riding

UEFI Shell Enabled in LXD EDK2 Bypasses Secure Boot
CVE-2023-49721 - February 14, 2024

An insecure default to allow UEFI Shell in EDK2 was left enabled in LXD. This allows an OS-resident attacker to bypass Secure Boot.

PrivEsc via LXD Group Bypass on Ubuntu Server
CVE-2023-5536 6.4 - Medium - December 12, 2023

A feature in LXD (LP#1829071) affects the default configuration of Ubuntu Server, which allows privileged users in the lxd group to escalate their privilege to root without requiring a sudo password.

Incorrect Default Permissions
