TL;DR
The Incus team patched six critical flaws in version 7.2.0. Each one scores 9.9 on the CVSS scale. Most let a malicious image or input write files as root, which can lead to command execution.
Why It Matters
Incus runs system containers and virtual machines on Linux. Admins deploy it on anything from a single server to a full data-center cluster, so a root-level flaw here puts whole hosts at risk. These Incus vulnerabilities share one trait: each breaks the boundary between an instance and its host. An attacker who controls an image or a backup can reach the host filesystem. Shared hosting and multi-tenant setups face the most exposure, since one bad image can affect every tenant on the box.
How the Attack Works
Five of the six Incus vulnerabilities trace back to image and backup handling. Several bugs abuse crafted images. CVE-2026-48749 and CVE-2026-48752 use unsanitized symlinks in an image to read or write host files. CVE-2026-48750 abuses a symlinked exec-output directory to drop files in chosen locations. CVE-2026-48769 tricks the Incus client with a forged image-hash header, which forces a root-level write on the client. CVE-2026-48755 injects extra arguments into the backup compression command. As a result, the daemon writes attacker-chosen files. CVE-2026-48751 ignores a project restriction, so a restored snapshot runs arbitrary commands. The published Incus security advisories explain each chain in detail.
Affected Versions
All six flaws affect Incus releases before v7.2.0. The team fixed them in v7.2.0 and later. Debian also backported patches to its stable incus package, so distribution users should watch for vendor updates too.
Patch and Mitigation
These Incus vulnerabilities now have a fix, so upgrade to the v7.2.0 release or newer right away. Until you patch, avoid importing images or backups from untrusted sources. Trust only image servers you control. Review project restrictions and limit who can move snapshots between servers. No in-the-wild exploitation has been confirmed. However, the technical advisories are public, so treat the risk as real.