Vulnerability in Lxc Incus
CVE-2026-33542
Incus is a system container and virtual machine manager. Prior to version 6.23.0, a lack of validation of the image fingerprint when downloading from simplestreams image servers opens the door to image cache poisoning and under very narrow…
Vulnerability class: Improper Certificate Validation
EPSS: 0.000 (4.0th percentile)
Affected products
- Lxc Incus — versions < 6.23.0
Weakness classification (CWE)
References
- https://github.com/lxc/incus/security/advisories/GHSA-p8mm-23gg-jc9r (x_refsource_CONFIRM)