CVE-2026-41647

MEDIUM SEVERITY

CVSS Score & Metrics

Base Score

6.5 / 10

Vector String

                                        CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H                                    

Vulnerability Description

Incus is a system container and virtual machine manager. Prior to version 7.0.0, a missing error handling could lead an authenticated Incus user to cause a daemon crash through the import of a truncated storage bucket backup file. This issue has been patched in version 7.0.0.

Vulnerability Details

Published Date

May 04, 2026

Last Modified

May 07, 2026

CWE ID

CWE-476

Source

GitHub

Vendor

Product

github.com/lxc/incus/v6/cmd/incusd

External References

https://github.com/lxc/incus/security/advisories/GHSA-fwj8-62r8-8p8m
https://github.com/advisories/GHSA-fwj8-62r8-8p8m

CVE-2026-41647

CVSS Score & Metrics

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment