4 matches found
CVE-2026-5843 Docker Model Runner container-to-host code execution via MLX-LM model_file importlib loading
The MLX inference backend in Docker Model Runner on macOS uses the MLX-LM library, which unconditionally imports and executes arbitrary Python files from model directories via the modelfile configuration field in config.json. When a model's config.json specifies a modelfile pointing to a Python...
CVE-2026-5843 Docker Model Runner container-to-host code execution via MLX-LM model_file importlib loading
The MLX inference backend in Docker Model Runner on macOS uses the MLX-LM library, which unconditionally imports and executes arbitrary Python files from model directories via the modelfile configuration field in config.json. When a model's config.json specifies a modelfile pointing to a Python...
Docker Desktop < 4.71.0 Container Escape (CVE-2026-5843)
The version of Docker Desktop installed on the remote host is prior to 4.71.0. It is, therefore, affected by a container escape vulnerability: - A container-to-host code execution vulnerability exists in the Docker Model Runner MLX inference backend. An attacker with access to a container could...
CVE-2026-5843
creationtimestamp| type| source ---|---|--- 2026-05-20 14:10:26+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mmc3hreejc2q 2026-05-22 23:02:08+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmi24enaid2c 2026-06-02 00:07:08+00:00| seen|...