Cyber Resilience

CVE-2026-23953

HighPublic PoC

Published: 22 January 2026

Published
22 January 2026
Modified
30 January 2026
KEV Added
Patch
CVSS Score v3.1 8.7 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N
EPSS Score 0.0047 37.1th percentile
Risk Priority 55 floored blend · peak EPSS

Summary

CVE-2026-23953 is a high-severity CRLF Injection (CWE-93) vulnerability in Linuxcontainers Incus. Its CVSS base score is 8.7 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Escape to Host (T1611); ranked at the 37.1th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2026-23953 is a newline injection vulnerability in Incus, a system container and virtual machine manager, affecting versions 6.20.0 and below. The issue arises when a user launches a container with a custom YAML configuration, allowing them to inject newlines into an environment variable. This injection appends unauthorized configuration items to the container's lxc.conf file, including arbitrary lifecycle hooks.

A member of the 'incus' group or any user able to launch containers with custom YAML can exploit this vulnerability. Successful exploitation enables arbitrary command execution on the host system. On IncusOS, attackers must modify the payload to use a writable directory like /tmp for the validation step, which can be verified using a second privileged container mounting /tmp from the host.

The GitHub security advisory (GHSA-x6jc-phwx-hp32) details the issue, with a proof-of-concept script and patch available in referenced attachments. A fix is planned for Incus versions 6.0.6 and 6.21.0, but these have not been released as of the CVE publication on 2026-01-22. The vulnerability has a CVSS v3.1 base score of 8.7 (AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N) and is associated with CWE-93.

OWASP Top 10 for Web (2025)

EU & UK References

Vulnerability details

Incus is a system container and virtual machine manager. In versions 6.20.0 and below, a user with the ability to launch a container with a custom YAML configuration (e.g a member of the ‘incus’ group) can create an environment variable…

more

containing newlines, which can be used to add additional configuration items in the container’s lxc.conf due to newline injection. This can allow adding arbitrary lifecycle hooks, ultimately resulting in arbitrary command execution on the host. Exploiting this issue on IncusOS requires a slight modification of the payload to change to a different writable directory for the validation step (e.g /tmp). This can be confirmed with a second container with /tmp mounted from the host (A privileged action for validation only). A fix is planned for versions 6.0.6 and 6.21.0, but they have not been released at the time of publication.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1611 Escape to Host Privilege Escalation
Adversaries may break out of a container or virtualized environment to gain access to the underlying host.
Why these techniques?

Newline injection into lxc.conf enables arbitrary host command execution via lifecycle hooks, directly facilitating container-to-host escape.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-33897Same product: Linuxcontainers Incus
CVE-2026-23954Same product: Linuxcontainers Incus
CVE-2026-33945Same product: Linuxcontainers Incus
CVE-2026-33711Same product: Linuxcontainers Incus
CVE-2026-33898Same product: Linuxcontainers Incus
CVE-2026-50292Shared CWE-93
CVE-2026-39983Shared CWE-93
CVE-2026-39849Shared CWE-93
CVE-2026-1714Shared CWE-93
CVE-2026-8788Shared CWE-93

Affected Assets

linuxcontainers
incus
≤ 6.0.5 · 6.1.0 — 6.21.0

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Requires validation of YAML configuration inputs, including environment variables, to prevent newline injection that appends unauthorized items to lxc.conf.

prevent

Mandates timely identification, reporting, and correction of flaws like this newline injection vulnerability via patching to versions 6.0.6 or 6.21.0.

prevent

Enforces least privilege to restrict membership in the 'incus' group or ability to launch containers with custom YAML, limiting the attack surface.

References