| Bug | Description |
|---|
| CVE-2025-54293 | Path Traversal in the log file retrieval function in Canonical LXD 5.0 ... |
| CVE-2025-54291 | Information disclosure in images API in Canonical LXD before 6.5 and 5 ... |
| CVE-2025-54290 | Information disclosure in image export API in Canonical LXD before 6.5 ... |
| CVE-2025-54289 | Privilege Escalation in operations API in Canonical LXD <6.5 on multip ... |
| CVE-2025-54288 | Information Spoofing in devLXD Server in Canonical LXD versions 4.0 an ... |
| CVE-2025-54287 | Template Injection in instance snapshot creation component in Canonica ... |
| CVE-2025-54286 | Cross-Site Request Forgery (CSRF) in LXD-UI in Canonical LXD versions ... |
| CVE-2025-52890 | Incus is a system container and virtual machine manager. When using an ... |
| CVE-2025-52889 | Incus is a system container and virtual machine manager. When using an ... |
| CVE-2024-6219 | Mark Laing discovered in LXD's PKI mode, until version 5.21.1, that a ... |
| CVE-2024-6156 | Mark Laing discovered that LXD's PKI mode, until version 5.21.2, could ... |
| CVE-2023-49721 | An insecure default to allow UEFI Shell in EDK2 was left enabled in LX ... |