CVE-2026-34179
EUVD-2026-20876
09.04.2026, 10:16
In Canonical LXD versions 4.12 through 6.7, the doCertificateUpdate function in lxd/certificates.go does not validate the Type field when handling PUT/PATCH requests to /1.0/certificates/{fingerprint} for restricted TLS certificate users, allowing a remote authenticated attacker to escalate privileges to cluster admin.

Affected Products (NVD)

| Vendor | Product | Version |
|---|---|---|
| canonical | lxd | 4.12 ≤ 𝑥 ≤ 5.0.6 |
| canonical | lxd | 5.21.0 ≤ 𝑥 ≤ 5.21.4 |
| canonical | lxd | 6.0 ≤ 𝑥 ≤ 6.7 |

𝑥 = Vulnerable software versions