Path Traversal in Canonical Microceph
CVE-2026-10720
Canonical MicroCeph versions from the squid and tentacle track are vulnerable to a path traversal issue in the remote-import API. Holders of a trusted cluster mTLS certificate (such as enrolled cluster members) or join token can manipulate…
Affected products
- Canonical Microceph — versions 19.2.1+snap74c0060321, 20.0.0