EUVD-2026-16460
GHSA-p8mm-23gg-jc9r
CVSS Vector
CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:H/VA:N/SC:L/SI:H/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
4Description
Incus is a system container and virtual machine manager. Prior to version 6.23.0, a lack of validation of the image fingerprint when downloading from simplestreams image servers opens the door to image cache poisoning and under very narrow circumstances exposes other tenants to running attacker controlled images rather than the expected one. Version 6.23.0 patches the issue.
Analysis
Incus versions prior to 6.23.0 fail to validate image fingerprints when downloading from simplestreams servers, enabling attackers with local privileges to poison the image cache and potentially cause other tenants to execute attacker-controlled container or virtual machine images instead of legitimate ones. The vulnerability requires local authentication and specific conditions but carries high integrity impact in multi-tenant environments; no active exploitation has been confirmed.
Sign in for full analysis, threat intelligence, and remediation guidance.
Remediation
Within 30 days: Identify affected systems and apply vendor patches as part of regular patch cycle. Monitor vendor channels for patch availability.
Sign in for detailed remediation steps.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today