LXD 6.5 Priv Esc via Ops API WS Hijack
CVE-2025-54289 Published on October 2, 2025

Privilege Escalation via WebSocket Connection Hijacking in LXD Operations API
A privilege escalation flaw in the operations API of Canonical LXD <6.5 on multiple platforms allows an attacker with read permissions to hijack terminal or console sessions and execute arbitrary commands via WebSocket connection hijacking.


Weakness Type

CWE-1385

Products Associated with CVE-2025-54289


Affected Versions

Canonical LXD:

Exploit Probability

EPSS: 0.04%
Percentile: 11.82%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.