Zero Day MonitorZDM

← Back to list

—

CVE-2026-6369PATCHED

canonical · canonical-livepatch

Exposed Session Token in canonical-livepatch client snap

Description

A vulnerability was found in Canonical canonical-livepatch up to 10.14.x. It has been classified as critical. This issue affects some unknown processing of the file livepatchd.sock of the component Livepatch Service. The manipulation leads to missing authentication.

Affected Products

Vendor	Product	Versions
canonical	canonical-livepatch	0

References

https://discourse.ubuntu.com/t/security-notice-canonical-livepatch-client-snap-vulnerability/80662(vendor-advisory)

Related News (1 articles)

Tier C

VulDB14d ago

CVE-2026-6369 | Canonical canonical-livepatch up to 10.14.x Livepatch Service livepatchd.sock missing authentication

→ No new info (linked only)

CISA KEV❌ No

Actively exploited❌ No

Patch available

10.15.0

CWECWE-306, CWE-732

PublishedApr 20, 2026

Last enriched14d agov2

Trending Score5

Source articles1

Independent1

Info Completeness8/14

Missing: cvss, epss, kev, exploit, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

HIGHCVE-2026-23268

apparmor: fix unprivileged local user can do privileged policy management

Linux kernel vulnerabilities in Ubuntu 20.04 LTS and 24.04 LTS

CRITICALCVE-2026-34179

Update of type field in restricted TLS certificate allows privilege escalation to cluster admin

CRITICALCVE-2026-34178

Importing a crafted backup leads to project restriction bypass

HIGHCVE-2026-23269

apparmor: validate DFA start states are in bounds in unpack_pdb

Pin to Dashboard

Verification

State: unverified

Confidence: 0%

Vulnerability Timeline

CVE Published

Apr 20, 2026

Discovered by ZDM

Apr 20, 2026

Patch Available

Apr 20, 2026

Updated: description, severity

Apr 20, 2026

Version History

v2

Last enriched 14d ago

v2Tier C14d ago

Updated severity to CRITICAL, corrected exploit availability to false, and provided a more detailed description of the vulnerability.

descriptionseverity

via VulDB

v114d ago

Initial creation