CVE-2025-54287

Template Injection in instance snapshot creation component in Canonical LXD (>= 4.0) allows an attacker with instance configuration 
permissions to read arbitrary files on the host system via specially crafted snapshot pattern templates using the Pongo2 template engine.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
UNKNOWN
---
canonicalCNA
---
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Common Weakness Enumeration
References
https://github.com/canonical/lxd/security/advisories/GHSA-w2hg-2v4p-vmh6