CVE-2026-35527 | lxc incus up to 6.x imgPostURLInfo server-side request forgery

A vulnerability has been found in lxc incus up to 6.x and classified as critical. Impacted is the function imgPostURLInfo. Performing a manipulation results in server-side request forgery.

This vulnerability is known as CVE-2026-35527. Remote exploitation of the attack is possible. No exploit is available.

The affected component should be upgraded.VulDB Recent EntriesRead More