Github.com/canonical/lxd
This hub aggregates every CVE we track for Github.com/canonical/lxd, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
8
CVEs tracked
0
Critical
2
High
0
In CISA KEV
Severity distribution
MEDIUM4LOW2HIGH2
Monthly trend
0
0
0
0
0
2
0
0
0
0
0
0
0
0
0
6
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 8 most recently published vulnerabilities affecting Github.com/canonical/lxd.
- CVE-2025-54293Path Traversal in LXD Instance Log File Retrieval6.5
- CVE-2025-54291Project existence disclosure in LXD images API5.3
- CVE-2025-54290Project Existence Disclosure via Error Handling in LXD Image Export5.3
- CVE-2025-54289Privilege Escalation via WebSocket Connection Hijacking in LXD Operations API8.1
- CVE-2025-54288Source Container Identification Vulnerability via cmdline Spoofing in devLXD Server6.8
- CVE-2025-54286CSRF Vulnerability When Using Client Certificate Authentication with the LXD-UI8.8
- CVE-2024-6219Mark Laing discovered in LXD's PKI mode, until version 5.21.1, that a restricted certificate could be added to the trust store with its restrictions not honoured.3.8
- CVE-2024-6156Mark Laing discovered that LXD's PKI mode, until version 5.21.2, could be bypassed if the client's certificate was present in the trust store.3.8
Product normalization is registry-driven with AI assist and human review. How it works