canonical
4,248 tracked vulnerabilities.
CVE-2026-10037
HIGH
Sandbox Escape in Ubuntu OpenJDK Packages via xdg-desktop-portal
Jul 08, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-28385
MEDIUM
SSRF via image import from URL allows internal network probing by authenticated users
Jun 26, 2026
CVSS 5.0
EPSS 0.00
CVE-2026-9640
HIGH
Canonical - LXD Snapshot Import Privilege Escalation Vulnerability
Jun 26, 2026
CVSS 7.2
EPSS 0.00
CVE-2026-9639
MEDIUM
Authenticated Denial of Service via Malicious Backup Tarball in LXD
Jun 26, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-12411
HIGH
Broken Access Control in Canonical LXD DevLXD API
Jun 26, 2026
CVSS 8.4
EPSS 0.00
CVE-2026-12249
CRITICAL
Canonical ADSys Trust Store Poisoning via Plaintext HTTP Certificate Auto-Enrollment
Jun 22, 2026
CVSS 9.0
EPSS 0.00
CVE-2026-10720
MEDIUM
MicroCeph squid/tentacle remote-import API - Path Traversal
Jun 19, 2026
EPSS 0.00
CVE-2026-47337
LOW
NULL pointer dereference in Ubuntu Linux AppArmor IPv4/IPv6 socket mediation
May 28, 2026
CVSS 3.3
EPSS 0.00
CVE-2026-47336
LOW
Use of uninitialized value in Ubuntu Linux AppArmor IPv4/IPv6 socket mediation rules
May 28, 2026
CVSS 3.3
EPSS 0.00
CVE-2026-47335
MEDIUM
NULL pointer dereference in Ubuntu Linux AppArmor notification handling
May 28, 2026
CVSS 5.5
EPSS 0.00
CVE-2026-47334
MEDIUM
Deadlock or kernel panic in Ubuntu Linux AppArmor notification handling
May 28, 2026
CVSS 5.5
EPSS 0.00
CVE-2026-47333
HIGH
Out-of-bounds read in Ubuntu Linux AppArmor notification handling
May 28, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-47332
MEDIUM
Out-of-bounds read in Ubuntu Linux AppArmor notification handling
May 28, 2026
CVSS 5.5
EPSS 0.00
CVE-2026-47331
HIGH
Use-after-free in Ubuntu Linux AppArmor notification handling
May 28, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-47330
LOW
Use of uninitialized value in Ubuntu Linux AppArmor notification handling
May 28, 2026
CVSS 3.3
EPSS 0.00
CVE-2026-47329
LOW
Incorrect validation of field size in Ubuntu Linux AppArmor notification responses
May 28, 2026
CVSS 3.3
EPSS 0.00
CVE-2026-47328
MEDIUM
Invalid pointer deallocation in Ubuntu Linux AppArmor notification handling
May 28, 2026
CVSS 6.1
EPSS 0.00
CVE-2026-47327
LOW
NULL pointer dereference in Ubuntu Linux AppArmor notification handling
May 28, 2026
CVSS 3.3
EPSS 0.00
CVE-2026-47326
MEDIUM
Memory leak in Ubuntu Linux AppArmor large notification response allocation
May 28, 2026
CVSS 5.5
EPSS 0.00
CVE-2026-49238
HIGH
SFTP Server VM Escape in Canonical Multipass
May 28, 2026
CVSS 8.4
EPSS 0.01
CVE-2026-49237
HIGH
Local Privilege Escalation in Canonical Multipass
May 28, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-6970
HIGH
authd Denial of Service and Local Privilege Escalation
Apr 27, 2026
EPSS 0.00
CVE-2026-31431
HIGH
KEVNUCLEI
crypto: algif_aead - Revert to operating out-of-place
Apr 22, 2026
CVSS 7.8
EPSS 0.96
CVE-2026-6369
MEDIUM
Exposed Session Token in canonical-livepatch client snap
Apr 20, 2026
CVSS 5.5
EPSS 0.00
CVE-2026-5774
MEDIUM
Juju API Server Denial of Service and Authentication Replay via Unsynchronized Token Map
Apr 10, 2026
CVSS 6.4
EPSS 0.00
Products
ubuntu_linux 4,120
lxd 23
juju 20
apport 17
snapd 16
Ubuntu Linux 13
cloud-init 9
Juju 7
metal_as_a_service 5
multipass 5
accountsservice 4
authd 4
ubuntu_core 4
ubuntu_touch 4
Ubuntu 3
landscape 3
maas 3
subiquity 3
LXD 2
Multipass 2
Ubuntu 20.04 LTS 2
Ubuntu 22.04 LTS 2
Ubuntu 24.04 LTS 2
acpi-support 2
lxcfs 2
software-properties 2
ubuntu 2
ubuntu_desktop_provision 2
unity-firefox-extension 2
update-manager 2
Quick Filters