CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CNNVD•added 2026/04/10 12:0 a.m.•5 views

arcane 代码问题漏洞

Arcane is an open-source Docker management software developed by Arcane. Versions of Arcane prior to 1.17.3 contained code vulnerabilities. These vulnerabilities stemmed from the /api/templates/fetch endpoint, which accepted URL parameters provided by callers and processed HTTP GET requests witho...

7.2CVSS5.9AI score0.00621EPSS

Exploits1References2

Vulnrichment•added 2026/04/09 9:44 p.m.•0 views

CVE-2026-39848 Dockyard's Unauthenticated Cron Endpoint in Dockyard Enables Container Enumeration and Database Manipulation

Dockyard is a Docker container management app. Prior to 1.1.0, Docker container start and stop operations are performed through GET requests without CSRF protection. A remote attacker can cause a logged-in administrator's browser to request /apps/action.php?action=stop&name= or...

6.5CVSS5.8AI score0.00211EPSS

Exploits0References1

Wolfi•added 2026/04/09 1:48 p.m.•9 views

GHSA-HFVC-G4FC-PQHX vulnerabilities

Vulnerabilities for packages: openfga, argocd-image-updater, fluent-bit-plugin-loki, opentelemetry-operator, kube-rbac-proxy, kiali, terraform-mcp-server, cluster-api-aws-controller, fulcio, cluster-api-helm-controller, flux-kustomize-controller, blob-csi, rabbitmq-cluster-operator,...

5.8AI score

OSV•added 2026/04/09 12:57 a.m.•1 views

CLEANSTART-2026-UQ00642 Docker CLI for Windows searches for plugin binaries in C:\\\\ProgramData\\\\Docker\\\\cli-plugins, a directory that does not exist by default

Multiple security vulnerabilities affect the minio-operator-fips package. Docker CLI for Windows searches for plugin binaries in C:\\ProgramData\\Docker\\cli-plugins, a directory that does not exist by default. See references for individual vulnerability details...

9.8CVSS6.9AI score0.00789EPSS

Exploits2References18

OSV•added 2026/04/09 12:47 a.m.•7 views

CLEANSTART-2026-CO68219 Docker CLI for Windows searches for plugin binaries in C:\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ProgramData\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\Docker\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\cli-plugins, a directory that does not exist by default

Multiple security vulnerabilities affect the istio-fips package. Docker CLI for Windows searches for plugin binaries in...

9.8CVSS6.9AI score0.00579EPSS

Exploits2References17

OSV•added 2026/04/09 12:45 a.m.•1 views

CLEANSTART-2026-BD18029 Docker CLI for Windows searches for plugin binaries in C:\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ProgramData\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\Docker\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\cli-plugins, a directory that does not exist by default

Multiple security vulnerabilities affect the istio-fips package. Docker CLI for Windows searches for plugin binaries in...

9.8CVSS6.9AI score0.00579EPSS

Exploits2References17

OSV•added 2026/04/09 12:44 a.m.•0 views

CLEANSTART-2026-NV37937 Docker CLI for Windows searches for plugin binaries in C:\\\\\\\\\\\\\\\\ProgramData\\\\\\\\\\\\\\\\Docker\\\\\\\\\\\\\\\\cli-plugins, a directory that does not exist by default

Multiple security vulnerabilities affect the istio package. Docker CLI for Windows searches for plugin binaries in C:\\\\\\\\ProgramData\\\\\\\\Docker\\\\\\\\cli-plugins, a directory that does not exist by default. See references for individual vulnerability details...

9.8CVSS6.9AI score0.00522EPSS

Exploits1References13

OSV•added 2026/04/09 12:43 a.m.•1 views

CLEANSTART-2026-LY88807 Docker CLI for Windows searches for plugin binaries in C:\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ProgramData\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\Docker\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\cli-plugins, a directory that does not exist by default

Multiple security vulnerabilities affect the istio package. Docker CLI for Windows searches for plugin binaries in...

9.8CVSS6.8AI score0.00522EPSS

Exploits1References10

Photon•added 2026/04/09 12:0 a.m.•4 views

Important Photon OS Security Update - PHSA-2026-5.0-0809

Updates of 'docker' packages of Photon OS have been released...

5.8AI score

The Hacker News•added 2026/04/08 5:51 p.m.•4 views

New Chaos Variant Targets Misconfigured Cloud Deployments, Adds SOCKS Proxy

Cybersecurity researchers have flagged a new variant ofmalware called Chaos that'scapable of hitting misconfigured cloud deployments, marking an expansion of the botnet's targeting infrastructure. "Chaos malware is increasingly targeting misconfigured cloud deployments, expanding beyond its...

6.6AI score

EUVD•added 2026/04/07 9:32 p.m.•6 views

EUVD-2026-19933

A weakness has been identified in suvarchal docker-mcp-server up to 0.1.0. The impacted element is the function stopcontainer/removecontainer/pullimage of the file src/index.ts of the component HTTP Interface. This manipulation causes os command injection. The attack is possible to be carried out...

NVD•added 2026/04/07 8:16 p.m.•5 views

Exploits0References6

CVE-2026-5741

7.5CVSS0.01338EPSS

Cvelist•added 2026/04/07 8:0 p.m.•23 views

CVE-2026-5741 suvarchal docker-mcp-server HTTP index.ts pull_image os command injection

7.5CVSS0.01338EPSS

ATTACKERKB•added 2026/04/07 8:0 p.m.•2 views

CVE-2026-5741

Exploits0References5Affected Software1

CVE•added 2026/04/07 8:0 p.m.•6 views

CVE-2026-5741

CVE-2026-5741 affects suvarchal/docker-mcp-server up to version 0.1.0. The vulnerability is in src/index.ts functions stop_container, remove_container, and pull_image of the HTTP Interface component, enabling remote command injection. Public exploit exists and could be used for attacks; project h...

Vulnrichment•added 2026/04/07 8:0 p.m.•5 views

CVE-2026-5741 suvarchal docker-mcp-server HTTP index.ts pull_image os command injection