[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2026-34177":6},{"stargazers_count":4,"fetched_at":5},5,"2026-04-09T20:11:56.904Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":55,"aliases":56,"duplicate_of":9,"upstream":57,"downstream":58,"duplicates":59,"related":60,"reserved_at":9,"published_at":61,"modified_at":62,"state":63,"summary":64,"references_raw":73,"kevs":87,"epss":88,"epss_history":91,"metrics":93,"affected":101},"CVE-2026-34177","Canonical LXD versions 4.12 through 6.7 contain an incomplete denylist in isVMLowLevelOptionForbidden (lxd/project/limits/permissions.go), which omits raw.apparmor and raw.qemu.conf from the set of keys blocked under the restricted.virtual-machines.lowlevel=block project restriction. A remote attacker with can_edit permission on a VM instance in a restricted project can inject an AppArmor rule and a QEMU chardev configuration that bridges the LXD Unix socket into the guest VM, enabling privilege escalation to LXD cluster administrator and subsequently to host root.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-184","Incomplete List of Disallowed Inputs","The product implements a protection mechanism that relies on a list of inputs (or properties of inputs) that are not allowed by policy or otherwise require other action to neutralize before additional processing takes place, but the list is incomplete.","weakness","Draft","Base",[19,23,27,31,35,39,43,47,51],{"id":20,"name":21,"techniques":22},"CAPEC-120","Double Encoding",[],{"id":24,"name":25,"techniques":26},"CAPEC-15","Command Delimiters",[],{"id":28,"name":29,"techniques":30},"CAPEC-182","Flash Injection",[],{"id":32,"name":33,"techniques":34},"CAPEC-3","Using Leading 'Ghost' Character Sequences to Bypass Input Filters",[],{"id":36,"name":37,"techniques":38},"CAPEC-43","Exploiting Multiple Input Interpretation Layers",[],{"id":40,"name":41,"techniques":42},"CAPEC-6","Argument Injection",[],{"id":44,"name":45,"techniques":46},"CAPEC-71","Using Unicode Encoding to Bypass Validation Logic",[],{"id":48,"name":49,"techniques":50},"CAPEC-73","User-Controlled Filename",[],{"id":52,"name":53,"techniques":54},"CAPEC-85","AJAX Footprinting",[],[],[],[],[],[],[],"2026-04-09T09:15:27.532Z","2026-04-09T12:12:48.251Z","Received",{"cisa_kev":65,"cisa_ransomware":65,"cisa_vendor":9,"epss_severity":66,"epss_score":67,"severity":68,"severity_score":69,"severity_version":70,"severity_source":71,"severity_vector":72,"severity_status":63},false,"low",0.00103,"critical",9.1,"v3.1","cve.org","CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",[74,81],{"url":75,"sources":76,"tags":78},"https://github.com/canonical/lxd/security/advisories/GHSA-fm2x-c5qw-4h6f",[71,77],"nvd",[79,80],"VDB Entry","Vendor Advisory",{"url":82,"sources":83,"tags":84},"https://github.com/canonical/lxd/pull/17909",[71,77],[85,86],"Patch","Issue Tracking",[],{"date":89,"score":67,"percentile":90},"2026-04-09",0.28326,[92],{"date":89,"score":67,"percentile":90},[94,99],{"source":71,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":95,"cvss_v4_0":9},{"baseScore":69,"baseSeverity":96,"vectorString":72,"impactScore":97,"exploitabilityScore":98},"CRITICAL",10,5.9,{"source":77,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":100,"cvss_v4_0":9},{"baseScore":69,"baseSeverity":96,"vectorString":72,"impactScore":97,"exploitabilityScore":98},[102],{"ecosystem":9,"name":103,"vendor":104,"product":103,"cpe_part":105,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":106},"lxd","canonical","a",[107,114,118],{"version":108,"is_range":109,"range_type":71,"version_start":110,"version_start_type":111,"version_end":112,"version_end_type":113,"fixed_in":9},">= 4.12.0, \u003C 5.0.7",true,"4.12.0","including","5.0.7","excluding",{"version":115,"is_range":109,"range_type":71,"version_start":116,"version_start_type":111,"version_end":117,"version_end_type":113,"fixed_in":9},">= 5.1.0, \u003C 5.21.5","5.1.0","5.21.5",{"version":119,"is_range":109,"range_type":71,"version_start":120,"version_start_type":111,"version_end":121,"version_end_type":113,"fixed_in":9},">= 6.0.0, \u003C 6.8.0","6.0.0","6.8.0"]