PT-2026-29158

Name of the Vulnerable Software and Affected Versions NocoBase versions prior to 2.0.28 Description NocoBase is an AI-powered no-code/low-code platform. Versions of NocoBase prior to 2.0.28 have a security flaw that allows an authenticated attacker to achieve Remote Code Execution RCE as root. Th...

CrewAI 安全漏洞

CrewAI is an open-source code execution and analysis tool component developed by CrewAI. CrewAI has a security vulnerability that stems from incorrect checking of Docker’s running status and reverting to a sandbox setting, which may lead to remote code execution...

PT-2026-29048

Name of the Vulnerable Software and Affected Versions CrewAI versions affected versions not specified Description The CodeInterpreter tool within CrewAI reverts to SandboxPython when Docker is unreachable. This fallback can allow for Remote Code Execution RCE through the ability to call arbitrary...

PT-2026-29104

Name of the Vulnerable Software and Affected Versions Docker Model Runner versions prior to 1.1.25 Docker Desktop versions prior to 4.67.0 Description The software contains a Server-Side Request Forgery SSRF issue within the OCI registry token exchange process. When retrieving a model, the softwa...

BentoML < 1.4.37 Command Injection (GHSA-jfjg-vc52-wqvf)

The version of the BentoML library installed on the remote host is prior to 1.4.37. It is, therefore, affected by a command injection vulnerability: - The docker.systempackages field in bentofile.yaml accepts arbitrary strings that are interpolated directly into Dockerfile RUN commands without...

Exploit for Missing Authentication for Critical Function in Mcpjam Inspector

CVE-2026-23744 - Kobold Exploit Full chain exploit for the Ko...

CVE-2026-33744

BentoML is a Python library for building online serving systems optimized for AI apps and model inference. Prior to 1.4.37, the docker.systempackages field in bentofile.yaml accepts arbitrary strings that are interpolated directly into Dockerfile RUN commands without sanitization. Since...

EUVD-2026-16793

Home Assistant is open source home automation software that puts local control and privacy first. Home Assistant apps formerly add-ons configured with host network mode expose unauthenticated endpoints bound to the internal Docker bridge interface to the local network. On Linux, this configuratio...

CVE-2026-34205

Home Assistant is open source home automation software that puts local control and privacy first. Home Assistant apps formerly add-ons configured with host network mode expose unauthenticated endpoints bound to the internal Docker bridge interface to the local network. On Linux, this configuratio...

Missing Authorization

Overview Affected versions of this package are vulnerable to Missing Authorization via the actions/cache server process. An attacker can inject malicious cache entries and retrieve all existing caches by connecting to the server and predicting cache keys, potentially leading to execution of...

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization in the request handling flow inside the Docker daemon. An attacker can bypass authorization checks by sending specially-crafted requests that cause the authorization plugin to receive the request without its body...

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization in the request handling flow inside the Docker daemon. An attacker can bypass authorization checks by sending specially-crafted requests that cause the authorization plugin to receive the request without its body...

Moby has AuthZ plugin bypass when provided oversized request bodies

Summary A security vulnerability has been detected that allows attackers to bypass authorization plugins AuthZ under specific circumstances. The base likelihood of this being exploited is low. This is an incomplete fix for CVE-2024-41110. Impact If you don't use AuthZ plugins, you are not affecte...

GHSA-PXQ6-2PRW-CHJ9 Moby has an Off-by-one error in its plugin privilege validation

Summary A security vulnerability has been detected that allows plugins privilege validation to be bypassed during docker plugin install. Due to an error in the daemon's privilege comparison logic, the daemon may incorrectly accept a privilege set that differs from the one approved by the user...

Moby has an Off-by-one error in its plugin privilege validation

Summary A security vulnerability has been detected that allows plugins privilege validation to be bypassed during docker plugin install. Due to an error in the daemon's privilege comparison logic, the daemon may incorrectly accept a privilege set that differs from the one approved by the user...

SUSE-SU-2026:1118-1 Security update for docker-stable

This update for docker-stable fixes the following issues: - CVE-2025-58181: golang.org/x/crypto/ssh: invalidated number of mechanisms can cause unbounded memory consumption bsc1253904...

Security update for docker-stable

This update for docker-stable fixes the following issues: CVE-2025-58181: golang.org/x/crypto/ssh: invalidated number of mechanisms can cause unbounded memory consumption bsc1253904. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupda...

SUSE-SU-2026:20949-1 Security update for docker-compose

This update for docker-compose fixes the following issues: - CVE-2025-47913: golang.org/x/crypto/ssh/agent: client process termination when receiving an unexpected message type in response to a key listing or signing request bsc1253584. - CVE-2025-47914: golang.org/x/crypto/ssh/agent: non validat...

SUSE-SU-2026:20976-1 Security update for docker-compose

This update for docker-compose fixes the following issues: - CVE-2025-47913: golang.org/x/crypto/ssh/agent: client process termination when receiving an unexpected message type in response to a key listing or signing request bsc1253584. - CVE-2025-47914: golang.org/x/crypto/ssh/agent: non validat...

GHSA-4VRQ-3VRQ-G6GG vulnerabilities

Vulnerabilities for packages: trivy-operator, trivy, docker-compose, guac, buildah, kaniko, osv-scanner, skaffold, scorecard, kubescape, zot, conftest, docker-cli-buildx...