CVE-2025-54290

Information disclosure in image export API in Canonical LXD before 6.5 and 5.21.4 on Linux allows network attackers to determine project existence without authentication via crafted requests using wildcard fingerprints.

More information : https://github.com/canonical/lxd/security/advisories/GHSA-p3x5-mvmp-5f35