canonical — Vulnerabilities & Security Advisories 107

Browse all 107 CVE security advisories affecting canonical. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Canonical Ltd. primarily develops and maintains Ubuntu, a widely deployed Linux distribution, alongside the OpenStack cloud infrastructure platform and the Snap package management system. Security audits reveal a significant volume of recorded vulnerabilities, currently totaling 107 CVEs, reflecting the extensive codebase and third-party dependencies inherent in these large-scale software ecosystems. Historically, the most prevalent vulnerability classes include remote code execution (RCE), cross-site scripting (XSS), and privilege escalation flaws, often stemming from improper input validation or insecure default configurations within associated services. While no single catastrophic incident has defined the company’s security history, the sheer number of disclosed issues highlights the challenges of maintaining rigorous patch cycles across diverse components. These findings underscore the necessity for continuous monitoring and timely updates for organizations relying on Canonical’s open-source technologies to mitigate potential exploitation risks.

CVE ID	Title	CVSS	Severity	Published
CVE-2026-6970	authd Denial of Service and Local Privilege Escalation — authdCWE-842	7.8^AI	High^AI	2026-04-27
CVE-2026-6369	Exposed Session Token in canonical-livepatch client snap — canonical-livepatchCWE-306	7.8^AI	High^AI	2026-04-20
CVE-2026-5412	Juju CloudSpec API could leak senstive information — JujuCWE-285	9.9	Critical	2026-04-10
CVE-2026-5774	Juju API Server Denial of Service and Authentication Replay via Unsynchronized Token Map — JujuCWE-362	8.8	-	2026-04-10
CVE-2025-14551	Senstive information disclosure was affecting subiquity — UbuntuCWE-1258	6.2^AI	Medium^AI	2026-04-09
CVE-2025-15480	Senstive information disclosure was affecting ubuntu-desktop-provision — UbuntuCWE-1258	5.5^AI	Medium^AI	2026-04-09
CVE-2026-34179	Update of type field in restricted TLS certificate allows privilege escalation to cluster admin — lxdCWE-915	9.1	Critical	2026-04-09
CVE-2026-34178	Importing a crafted backup leads to project restriction bypass — lxdCWE-20	9.1	Critical	2026-04-09
CVE-2026-34177	VM lowlevel restriction bypass via raw.apparmor and raw.qemu.conf — lxdCWE-184	9.1	Critical	2026-04-09
CVE-2026-4370	Improper TLS Client/Server authentication and certificate verification on Database Cluster — JujuCWE-295	10.0	Critical	2026-04-01
CVE-2026-32694	Insecure Direct Object Reference attack via predictable secret ID in Juju — JujuCWE-343	6.6	Medium	2026-03-18
CVE-2026-32693	Unauthorized access to Kubernetes secrets in Juju — JujuCWE-863	8.8	High	2026-03-18
CVE-2026-32692	Unauthorized update of out-of-scope Vault secrets — JujuCWE-285	7.6	High	2026-03-18
CVE-2026-32691	Timing ownership claim attack on new external back-end secrets — JujuCWE-708	5.3	Medium	2026-03-18
CVE-2026-28384	Authenticated RCE via unsanitized compression_algorithm — lxdCWE-78	8.8^AI	High^AI	2026-03-12
CVE-2025-13350	Use-after-free of orphaned AF_UNIX in Ubuntu builds of Linux kernel — Ubuntu LinuxCWE-416	5.5	-	2026-03-05
CVE-2026-3351	Authorization Bypass in LXD GET /1.0/certificates Endpoint — lxdCWE-862	4.3^AI	Medium^AI	2026-03-03
CVE-2026-1237	Juju 安全漏洞 — jujuCWE-672	8.8^AI	High^AI	2026-01-28
CVE-2025-5467	Ubuntu Apport Insecure File Permissions Vulnerability — apportCWE-708	3.3^AI	Low^AI	2025-12-10
CVE-2025-6966	Null-pointer dereference in python-apt TagSection.keys() — python-aptCWE-476	5.5	-	2025-12-05
CVE-2025-54293	Path Traversal in LXD Instance Log File Retrieval — LXDCWE-22	6.5^AI	Medium^AI	2025-10-02
CVE-2025-54292	Client-Side Path Traversal in LXD-UI — LXDCWE-22	8.1^AI	High^AI	2025-10-02
CVE-2025-54291	Project existence disclosure in LXD images API — LXDCWE-209	5.3^AI	Medium^AI	2025-10-02
CVE-2025-54290	Project Existence Disclosure via Error Handling in LXD Image Export — LXDCWE-200	5.3^AI	Medium^AI	2025-10-02
CVE-2025-54289	Privilege Escalation via WebSocket Connection Hijacking in LXD Operations API — LXDCWE-1385	8.8^AI	High^AI	2025-10-02
CVE-2025-54288	Source Container Identification Vulnerability via cmdline Spoofing in devLXD Server — LXDCWE-290	5.1^AI	Medium^AI	2025-10-02
CVE-2025-54287	Arbitrary File Read via Template Injection in Snapshot Patterns — LXDCWE-1336	6.5^AI	Medium^AI	2025-10-02
CVE-2025-54286	CSRF Vulnerability When Using Client Certificate Authentication with the LXD-UI — LXDCWE-352	8.8^AI	High^AI	2025-10-02
CVE-2024-6107	Canonical MAAS 安全漏洞 — MAASCWE-287	9.6	Critical	2025-07-21
CVE-2025-5199	LPE on Multipass for macOS — MultipassCWE-276	7.3	High	2025-07-11

This page lists every published CVE security advisory associated with canonical. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.

Goal Reached Thanks to every supporter — we hit 100%!

canonical — Vulnerabilities & Security Advisories 107