What is the CVSS score of CVE-2026-34179?

CVE-2026-34179 has a CVSS 3.1 base score of 9.1 (Critical). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H. EPSS exploitation probability: 0.1%.

Which versions of Canonical are affected by CVE-2026-34179?

CVE-2026-34179 is a critical privilege escalation flaw in Canonical LXD versions 4.12-6.7 that allows authenticated users with restricted TLS certificate permissions to escalate to cluster…. A patch is available.

Canonical CVE-2026-34179

EUVD-2026-20876 CRITICAL

Improperly Controlled Modification of Dynamically-Determined Object Attributes (CWE-915)

2026-04-09 canonical

GHSA-c3h3-89qf-jqm5

Privilege Escalation Canonical

9.1

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Scope

Changed

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Re-analysis Queued

Apr 22, 2026 - 20:52 vuln.today

cvss_changed

EUVD ID Assigned

Apr 09, 2026 - 09:30 euvd

EUVD-2026-20876

Analysis Generated

Apr 09, 2026 - 09:30 vuln.today

Patch released

Apr 09, 2026 - 09:30 nvd

Patch available

CVE Published

Apr 09, 2026 - 09:22 nvd

CRITICAL 9.1

DescriptionNVD

In Canonical LXD versions 4.12 through 6.7, the doCertificateUpdate function in lxd/certificates.go does not validate the Type field when handling PUT/PATCH requests to /1.0/certificates/{fingerprint} for restricted TLS certificate users, allowing a remote authenticated attacker to escalate privileges to cluster admin.

AnalysisAI

Privilege escalation in Canonical LXD 4.12 through 6.7 enables remote authenticated restricted TLS certificate users to gain cluster admin privileges. Exploitation requires high-privilege authentication (PR:H) but no user interaction. …

RemediationAI

Within 24 hours: inventory all LXD deployments and identify instances running versions 4.12 through 6.7; verify current version via lxd --version. Within 7 days: apply vendor-released patch to upgrade all affected LXD instances to version 6.8 or later; test patched versions in non-production environments first and coordinate maintenance windows to minimize cluster downtime. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

More from same product – last 7 days

CVE-2026-49238 HIGH This Week

8.4 May 28

Virtual machine escape in Canonical Multipass before 1.16.3 allows a root user inside a guest VM to read arbitrary files

CVE-2026-49237 HIGH This Week

7.8 May 28

Local privilege escalation in Canonical Multipass for macOS before 1.16.3 allows a low-privileged local user to obtain r

CVE-2026-42790 HIGH This Week

7.6 May 27

TLS server impersonation in Erlang/OTP's public_key library lets a name-constrained subordinate CA forge a trusted ident

CVE-2026-42462 HIGH This Week

7.0 May 26

Here is the multi-source synthesis for CVE-2026-42462: ```json { "product_name": "Fedify", "summary": "Linked Data

CVE-2026-47674 MEDIUM This Month

5.3 May 28

IP restriction bypass in Hono's ip-restriction middleware (hono/ip-restriction) prior to version 4.12.21 allows unauthen

Vendor StatusVendor

CVE-2026-34179 vulnerability details – vuln.today

Back

Canonical CVE-2026-34179

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Full analysis requires sign-in

More from same product – last 7 days

Vendor StatusVendor

Share

External POC / Exploit Code