Incus
This hub aggregates every CVE we track for Incus, a product in the operating systems space. Use it to gauge the current risk picture and drill into individual advisories.
Operating Systemsother
21
CVEs tracked
3
Critical
6
High
0
In CISA KEV
Severity distribution
MEDIUM11HIGH6CRITICAL3LOW1
Monthly trend
0
0
0
0
0
0
0
0
0
0
2
0
0
0
0
1
0
2
0
6
1
9
0
0
2024-082026-07
Latest CVEs
The 15 most recently published vulnerabilities affecting Incus.
- CVE-2026-41685Incus: Unbounded binary import disk exhaustion4.3
- CVE-2026-41684Incus: Nil Dereferences on Restore via Malformed YAML6.5
- CVE-2026-41648Incus: Unbounded YAML Metadata Decode via Parsing5.0
- CVE-2026-41647Incus: Nil-Pointer Dereference via S3 Bucket Import6.5
- CVE-2026-40251Incus out-of-bounds panic in snapshot metadata handling allows denial of service6.5
- CVE-2026-40243Incus OVN TLS verification accepts peer-supplied roots and permits endpoint impersonation4.8
- CVE-2026-40197Incus nil-pointer dereference in custom volume import allows denial of service6.5
- CVE-2026-40195Incus nil-pointer dereference in storage bucket import allows denial of service6.5
- CVE-2026-35527Incus blind SSRF via image import preflight HEAD request5.0
- CVE-2026-34179Update of type field in restricted TLS certificate allows privilege escalation to cluster admin9.1
- CVE-2026-33945Abitrary file write through systemd-creds option9.9
- CVE-2026-33898Local Incus UI web server vulnerable to nuthentication bypass8.8
- CVE-2026-33897Incus vulnerable to arbitrary file read and write through pongo templates9.9
- CVE-2026-33743Incus vulnerable to denial of source through crafted bucket backup file6.5
- CVE-2026-33711Incus vulnerable to local privilege escalation through VM screenshot path7.8
Product normalization is registry-driven with AI assist and human review. How it works