Lucene search
+L

439 matches found

ATTACKERKB
ATTACKERKB
added 2026/02/27 9:6 p.m.7 views

CVE-2026-28400

Docker Model Runner DMR is software used to manage, run, and deploy AI models using Docker. Versions prior to 1.0.16 expose a POST /engines/configure endpoint that accepts arbitrary runtime flags without authentication. These flags are passed directly to the underlying inference server llama.cpp...

7.5CVSS6.1AI score0.00226EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/02/27 9:6 p.m.26 views

CVE-2026-28400 Docker Model Runner Unauthenticated Runtime Flag Injection via _configure Endpoint

Docker Model Runner DMR is software used to manage, run, and deploy AI models using Docker. Versions prior to 1.0.16 expose a POST /engines/configure endpoint that accepts arbitrary runtime flags without authentication. These flags are passed directly to the underlying inference server llama.cpp...

7.5CVSS0.00226EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/02/27 9:6 p.m.4 views

CVE-2026-28400 Docker Model Runner Unauthenticated Runtime Flag Injection via _configure Endpoint

Docker Model Runner DMR is software used to manage, run, and deploy AI models using Docker. Versions prior to 1.0.16 expose a POST /engines/configure endpoint that accepts arbitrary runtime flags without authentication. These flags are passed directly to the underlying inference server llama.cpp...

7.5CVSS6.1AI score0.00226EPSS
Exploits0References2
EUVD
EUVD
added 2026/02/27 9:6 p.m.9 views

EUVD-2026-9073

Docker Model Runner DMR is software used to manage, run, and deploy AI models using Docker. Versions prior to 1.0.16 expose a POST /engines/configure endpoint that accepts arbitrary runtime flags without authentication. These flags are passed directly to the underlying inference server llama.cpp...

7.5CVSS6.1AI score0.00226EPSS
Exploits0References2
OSV
OSV
added 2026/02/27 9:6 p.m.7 views

CVE-2026-28400 Docker Model Runner Unauthenticated Runtime Flag Injection via _configure Endpoint

Docker Model Runner DMR is software used to manage, run, and deploy AI models using Docker. Versions prior to 1.0.16 expose a POST /engines/configure endpoint that accepts arbitrary runtime flags without authentication. These flags are passed directly to the underlying inference server llama.cpp...

7.5CVSS6.1AI score0.00226EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/02/26 12:0 a.m.7 views

Docker Desktop < 4.43.0 Information Disclosure

The version of Docker Desktop is prior to 4.43.0. It is therefore affected by an information disclosure vulnerability. - System environment variables are recorded in Docker Desktop diagnostic logs, when using shell auto-completion. This leads to unintentional disclosure of sensitive information...

5.2CVSS5.8AI score0.00126EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/02/26 12:0 a.m.11 views

Docker Desktop < 4.62.0 Out of Bounds Read

The version of Docker Desktop is prior to 4.62.0. It is therefore affected by an out of bounds read vulnerability. - An out of bounds read vulnerability in the grpcfuse kernel module present in the Linux VM in Docker Desktop for Windows, Linux and macOS up to version 4.61.0 could allow a local...

7.8CVSS6.5AI score0.00186EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/02/25 10:16 a.m.6 views

CVE-2026-2664

An out of bounds read vulnerability in the grpcfuse kernel module present in the Linux VM in Docker Desktop for Windows, Linux and macOS up to version 4.61.0 could allow a local attacker to cause an unspecified impact by writing to /proc/docker entries. The issue has been fixed in Docker Desktop...

7.8CVSS5.5AI score0.00186EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2026/02/25 12:0 a.m.5 views

Docker Desktop grpcfuse Kernel Module Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Docker Desktop. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handli...

6.5CVSS5AI score0.00186EPSS
Exploits0References1
OSV
OSV
added 2026/02/24 10:16 a.m.11 views

CVE-2026-2664

An out of bounds read vulnerability in the grpcfuse kernel module present in the Linux VM in Docker Desktop for Windows, Linux and macOS up to version 4.61.0 could allow a local attacker to cause an unspecified impact by writing to /proc/docker entries. The issue has been fixed in Docker Desktop...

7.8CVSS5.7AI score0.00186EPSS
Exploits0References1
NVD
NVD
added 2026/02/24 10:16 a.m.9 views

CVE-2026-2664

An out of bounds read vulnerability in the grpcfuse kernel module present in the Linux VM in Docker Desktop for Windows, Linux and macOS up to version 4.61.0 could allow a local attacker to cause an unspecified impact by writing to /proc/docker entries. The issue has been fixed in Docker Desktop...

7.8CVSS0.00186EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/24 10:9 a.m.5 views

CVE-2026-2664 Out of bounds read vulnerability in grpcfuse kernel module

An out of bounds read vulnerability in the grpcfuse kernel module present in the Linux VM in Docker Desktop for Windows, Linux and macOS up to version 4.61.0 could allow a local attacker to cause an unspecified impact by writing to /proc/docker entries. The issue has been fixed in Docker Desktop...

6.8CVSS5.5AI score0.00186EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/24 10:9 a.m.8 views

CVE-2026-2664

An out of bounds read vulnerability in the grpcfuse kernel module present in the Linux VM in Docker Desktop for Windows, Linux and macOS up to version 4.61.0 could allow a local attacker to cause an unspecified impact by writing to /proc/docker entries. The issue has been fixed in Docker Desktop...

6.8CVSS5.5AI score0.00186EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/24 10:9 a.m.25 views

CVE-2026-2664 Out of bounds read vulnerability in grpcfuse kernel module

An out of bounds read vulnerability in the grpcfuse kernel module present in the Linux VM in Docker Desktop for Windows, Linux and macOS up to version 4.61.0 could allow a local attacker to cause an unspecified impact by writing to /proc/docker entries. The issue has been fixed in Docker Desktop...

6.8CVSS0.00186EPSS
Exploits0References1
EUVD
EUVD
added 2026/02/24 10:9 a.m.10 views

EUVD-2026-7385

An out of bounds read vulnerability in the grpcfuse kernel module present in the Linux VM in Docker Desktop for Windows, Linux and macOS up to version 4.61.0 could allow a local attacker to cause an unspecified impact by writing to /proc/docker entries. The issue has been fixed in Docker Desktop...

6.8CVSS5.5AI score0.00186EPSS
Exploits0References1
CVE
CVE
added 2026/02/24 10:9 a.m.34 views

CVE-2026-2664

Summary: CVE-2026-2664 is an out-of-bounds read in the grpcfuse kernel module used by Docker Desktop’s Linux VM on Windows, Linux, and macOS. Affected: Docker Desktop versions up to 4.61.0. Attack vector: local attacker could exploit by writing to /proc/docker entries, with impact described as un...

7.8CVSS5.5AI score0.00186EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2026/02/24 12:0 a.m.11 views

Docker Desktop 安全漏洞

Docker Desktop is a desktop software from the American company Docker, based on container technology, used for lightweight application deployment. This product provides a desktop environment that allows creating containers lightweight virtual machines on Linux/Windows/Mac OS systems, as well as...

7.8CVSS6.6AI score0.00186EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/24 12:0 a.m.9 views

PT-2026-21675

Name of the Vulnerable Software and Affected Versions Docker Desktop versions prior to 4.62.0 Description An out of bounds read issue exists in the grpcfuse kernel module within the Linux VM used by Docker Desktop for Windows, Linux, and macOS. This could allow a local attacker to potentially cau...

7.8CVSS5.3AI score0.00186EPSS
Exploits0References12
Zero Day Initiative
Zero Day Initiative
added 2026/02/23 12:0 a.m.7 views

Docker Desktop MCP Server Cleartext Storage of Sensitive Information Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Docker Desktop. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

5.5CVSS5.4AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/02/11 12:0 a.m.4 views

Docker Desktop < 4.57.0 Privilege Escalation

The version of Docker Desktop is prior to 4.57.0. It is therefore affected by a privilege escalation vulnerability. - This vulnerability allows local attackers to escalate privileges on affected installations of Docker Desktop for Windows. User interaction on the part of an administrator is...

6.7CVSS6.9AI score0.00196EPSS
Exploits0References4
Rows per page
Query Builder