GO-2025-3781: Incus Allocation of Resources Without Limits allows firewall rule bypass on managed bridge networks in github.com/lxc/incus
GO-2025-3782: Incus creates nftables rules that partially bypass security options in github.com/lxc/incus
GO-2025-4115: Incus vulnerable to local privilege escalation through custom storage volumes in github.com/lxc/incus
GO-2026-4357: Incus container image templating arbitrary host file read and write in github.com/lxc/incus
GO-2026-4359: Incus container environment configuration newline injection in github.com/lxc/incus
GO-2026-4879: Local Incus UI web server vulnerable to nuthentication bypass in github.com/lxc/incus
GO-2026-4881: Incus vulnerable to arbitrary file read and write through pongo templates in github.com/lxc/incus
GO-2026-4882: Incus does not verify combined fingerprint when downloading images from simplestreams servers in github.com/lxc/incus
GO-2026-4884: Incus has an abitrary file write through its systemd-creds options in github.com/lxc/incus
GO-2026-4885: Incus vulnerable to local privilege escalation through VM screenshot path in github.com/lxc/incus
GO-2026-4886: Incus vulnerable to denial of source through crafted bucket backup file in github.com/lxc/incus
GO-2026-5127: Incus Vulnerable to Panic via Snapshot Bounds Check in github.com/lxc/incus
GO-2026-5168: Incus has Unbounded YAML Metadata Decode via Parsing in github.com/lxc/incus
GO-2026-5252: Incus has a Nil-Pointer Dereference Panic via Instance Backup Import (volume omitted) in github.com/lxc/incus
GO-2026-5254: Incus has Blind SSRF via Image Import Preflight HEAD in github.com/lxc/incus
GO-2026-5280: Incus is affected by unbounded binary import disk exhaustion in github.com/lxc/incus
GO-2026-5319: Incus has an OVN TLS Verification that Accepts Peer-Supplied Roots in github.com/lxc/incus
GO-2026-5384: Incus has Nil-Pointer Dereference via S3 Bucket Import in github.com/lxc/incus
GO-2026-5397: Incus has a Nil-Pointer Dereference Panic via Bucket Metadata in github.com/lxc/incus
GO-2026-5612: Incus has a Nil-Pointer Dereference via Custom Volume Import in github.com/lxc/incus
GO-2026-5742: Incus has Nil Dereferences on Restore via Malformed YAML in github.com/lxc/incus
GO-2026-5798: Incus has an arbitrary file read+write on host via rootfs/ symlink in malicious image in github.com/lxc/incus
GO-2026-5799: Incus has a restricted project bypass leading to arbitrary command execution in github.com/lxc/incus
GO-2026-5800: Incus: Nil-pointer dereference in createDependentVolumesFromBackup on disk.{Volume,VolumeSnapshots,Pool} in github.com/lxc/incus
GO-2026-5801: Incus has an arbitrary file write on host via `exec-output` symlink in crafted image in github.com/lxc/incus
GO-2026-5802: Incus has an arbitrary file write via path traversal in S3 multipart upload in github.com/lxc/incus
GO-2026-5803: Incus has arbitrary file read+write on host via templates/ symlink in malicious image in github.com/lxc/incus
GO-2026-5806: Incus has an arbitrary file write on its client due to trusted image hash in github.com/lxc/incus
GO-2026-5808: Incus has an argument injection in backup compression algorithm leading to AFW and ACE in github.com/lxc/incus
GO-2026-5810: Incus: CreateCustomVolumeFromBackup nil-pointer dereference on volume_snapshots[*].expires_at (sibling-field variant of GHSA-r7w7) in github.com/lxc/incus