{"package":"github.com/lxc/incus/v6","ecosystem":"go","latest_version":"v6.23.0","description":"Powerful system container and virtual machine manager ","license":"Apache-2.0","license_risk":"permissive","commercial_use_notes":"Permissive: commercial closed-source use OK; preserve the copyright notice.","homepage":"https://pkg.go.dev/github.com/lxc/incus/v6","repository":"https://github.com/lxc/incus/v6","downloads_weekly":5271,"health":{"score":68,"risk":"moderate","breakdown":{"maintenance":20,"popularity":6,"security":25,"maturity":12,"community":5},"deprecated":false,"max_score":100},"vulnerabilities":{"count":3,"critical":0,"high":0,"medium":0,"low":3,"details":[{"vuln_id":"CVE-2025-64507","severity":"unknown","summary":"Incus vulnerable to local privilege escalation through custom storage volumes in github.com/lxc/incus","affected_versions":">=6.1.0","fixed_version":null,"source":"osv","published_at":"2025-11-17T19:11:25Z","in_kev":false,"epss_prob":0.00027,"epss_percentile":0.07474,"threat_tier":"theoretical"},{"vuln_id":"CVE-2026-23954","severity":"unknown","summary":"Incus container image templating arbitrary host file read and write in github.com/lxc/incus","affected_versions":">=6.1.0","fixed_version":null,"source":"osv","published_at":"2026-02-05T03:20:45Z","in_kev":false,"epss_prob":0.0005,"epss_percentile":0.1522,"threat_tier":"theoretical"},{"vuln_id":"CVE-2026-23953","severity":"unknown","summary":"Incus container environment configuration newline injection in github.com/lxc/incus","affected_versions":">=6.1.0","fixed_version":null,"source":"osv","published_at":"2026-02-05T03:20:45Z","in_kev":false,"epss_prob":0.00017,"epss_percentile":0.04249,"threat_tier":"theoretical"}],"actively_exploited_count":0,"likely_exploited_count":0},"versions":{"latest":"v6.23.0","total_count":32,"recent":["v6.2.0","v6.12.0","v6.17.0","v6.0.6","v6.4.0","v6.23.0","v6.19.1","v6.19.0","v6.5.0","v6.1.0","v6.14.0","v6.15.0","v6.0.3","v6.11.0","v6.10.0","v6.21.0","v6.0.0","v6.0.1","v6.22.0","v6.20.0"]},"metadata":{"deprecated":false,"deprecated_message":null,"maintainers_count":580,"first_published":null,"last_published":"2026-03-27T05:19:47Z","dependencies_count":0,"dependencies":[]},"github_stats":null,"bundle":null,"typescript":null,"known_issues":{"bugs_count":0,"bugs_severity":{},"status_breakdown":{},"link":null,"scope":"none"},"historical_compromise":null,"recommendation":{"action":"safe_to_use","issues":[],"use_version":"v6.23.0","version_hint":null,"summary":"github.com/lxc/incus/v6@v6.23.0 is safe to use (health: 68/100)"},"version_scoped":null,"requested_version":null,"_cache":"miss","_response_ms":1074,"_powered_by":"depscope.dev — free package intelligence for AI agents","typosquat":{"is_suspected":false},"maintainer_trust":{"available":false},"malicious":{"is_malicious":false},"scorecard":{"available":false},"quality":{"available":false},"version_history_summary":{"total_versions":20,"first_release_age_days":null,"last_release_days_ago":35,"avg_days_between_releases":null,"release_velocity":"active"}}