CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-33542

Incus is a system container and virtual machine manager. Prior to version 6.23.0, a lack of validation of the image fingerprint when downloading from simplestreams image servers opens the door to image cache poisoning and under very narrow circumstances exposes other tenants to running attacker controlled images rather than the expected one. Version 6.23.0 patches the issue.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 11.6%

CVSS Severity

CVSS v3 Score 4.8

References

https://github.com/lxc/incus/security/advisories/GHSA-p8mm-23gg-jc9r

Products affected by CVE-2026-33542

Linuxcontainers » Incus » Version: 0.1.0

cpe:2.3:a:linuxcontainers:incus:0.1.0
Linuxcontainers » Incus » Version: 0.2.0

cpe:2.3:a:linuxcontainers:incus:0.2.0
Linuxcontainers » Incus » Version: 0.3.0

cpe:2.3:a:linuxcontainers:incus:0.3.0
Linuxcontainers » Incus » Version: 0.4.0

cpe:2.3:a:linuxcontainers:incus:0.4.0
Linuxcontainers » Incus » Version: 0.5.0

cpe:2.3:a:linuxcontainers:incus:0.5.0
Linuxcontainers » Incus » Version: 0.5.1

cpe:2.3:a:linuxcontainers:incus:0.5.1
Linuxcontainers » Incus » Version: 0.6.0

cpe:2.3:a:linuxcontainers:incus:0.6.0
Linuxcontainers » Incus » Version: 0.7.0

cpe:2.3:a:linuxcontainers:incus:0.7.0
Linuxcontainers » Incus » Version: 6.0.0

cpe:2.3:a:linuxcontainers:incus:6.0.0
Linuxcontainers » Incus » Version: 6.0.1

cpe:2.3:a:linuxcontainers:incus:6.0.1
Linuxcontainers » Incus » Version: 6.0.2

cpe:2.3:a:linuxcontainers:incus:6.0.2
Linuxcontainers » Incus » Version: 6.0.3

cpe:2.3:a:linuxcontainers:incus:6.0.3
Linuxcontainers » Incus » Version: 6.0.4

cpe:2.3:a:linuxcontainers:incus:6.0.4
Linuxcontainers » Incus » Version: 6.0.5

cpe:2.3:a:linuxcontainers:incus:6.0.5
Linuxcontainers » Incus » Version: 6.0.6

cpe:2.3:a:linuxcontainers:incus:6.0.6
Linuxcontainers » Incus » Version: 6.1.0

cpe:2.3:a:linuxcontainers:incus:6.1.0
Linuxcontainers » Incus » Version: 6.10.0

cpe:2.3:a:linuxcontainers:incus:6.10.0
Linuxcontainers » Incus » Version: 6.10.1

cpe:2.3:a:linuxcontainers:incus:6.10.1
Linuxcontainers » Incus » Version: 6.11.0

cpe:2.3:a:linuxcontainers:incus:6.11.0
Linuxcontainers » Incus » Version: 6.12.0

cpe:2.3:a:linuxcontainers:incus:6.12.0
Linuxcontainers » Incus » Version: 6.13.0

cpe:2.3:a:linuxcontainers:incus:6.13.0
Linuxcontainers » Incus » Version: 6.14.0

cpe:2.3:a:linuxcontainers:incus:6.14.0
Linuxcontainers » Incus » Version: 6.15.0

cpe:2.3:a:linuxcontainers:incus:6.15.0
Linuxcontainers » Incus » Version: 6.16.0

cpe:2.3:a:linuxcontainers:incus:6.16.0
Linuxcontainers » Incus » Version: 6.17.0

cpe:2.3:a:linuxcontainers:incus:6.17.0
Linuxcontainers » Incus » Version: 6.18.0

cpe:2.3:a:linuxcontainers:incus:6.18.0
Linuxcontainers » Incus » Version: 6.19.0

cpe:2.3:a:linuxcontainers:incus:6.19.0
Linuxcontainers » Incus » Version: 6.19.1

cpe:2.3:a:linuxcontainers:incus:6.19.1
Linuxcontainers » Incus » Version: 6.2.0

cpe:2.3:a:linuxcontainers:incus:6.2.0
Linuxcontainers » Incus » Version: 6.20.0

cpe:2.3:a:linuxcontainers:incus:6.20.0
Linuxcontainers » Incus » Version: 6.3.0

cpe:2.3:a:linuxcontainers:incus:6.3.0
Linuxcontainers » Incus » Version: 6.4.0

cpe:2.3:a:linuxcontainers:incus:6.4.0
Linuxcontainers » Incus » Version: 6.5.0

cpe:2.3:a:linuxcontainers:incus:6.5.0
Linuxcontainers » Incus » Version: 6.6.0

cpe:2.3:a:linuxcontainers:incus:6.6.0
Linuxcontainers » Incus » Version: 6.7.0

cpe:2.3:a:linuxcontainers:incus:6.7.0
Linuxcontainers » Incus » Version: 6.8.0

cpe:2.3:a:linuxcontainers:incus:6.8.0
Linuxcontainers » Incus » Version: 6.9.0

cpe:2.3:a:linuxcontainers:incus:6.9.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-33542

Products

Pricing

Contact Us