Back to CVE List

CVE-2026-48749

CRITICAL SEVERITY

CVSS Score & Metrics

Base Score
9.9 / 10

Vulnerability Description

Incus has an arbitrary file read+write on host via rootfs/ symlink in malicious image

Vulnerability Details

Published Date
Last Modified
Source
GitHub
Vendor
go
Product
github.com/lxc/incus/v7/cmd/incusd

External References

Discussion (0)

Add Comment

No comments yet. Be the first!