Path Traversal in Canonical Lxd

CVE-2025-54293

Path Traversal in the log file retrieval function in Canonical LXD 5.0 LTS on Linux allows authenticated remote attackers to read arbitrary files on the host system via crafted log file names or symbolic links.

Vulnerability class: Path Traversal (Directory Traversal)

EPSS: 0.001 (24.5th percentile) — read the EPSS interpretation.