Lucene search
K

609 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/09 12:0 a.m.11 views

EulerOS 2.0 SP11 : docker-engine (EulerOS-SA-2026-2201)

According to the versions of the docker-engine package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that allows attackers to...

8.8CVSS7.5AI score0.08123EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/06/09 12:0 a.m.16 views

EulerOS 2.0 SP11 : docker-engine (EulerOS-SA-2026-2239)

According to the versions of the docker-engine package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that allows attackers to...

8.8CVSS7.5AI score0.08123EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2026/06/06 2:48 a.m.9 views

SUSE CVE-2026-41567

Moby is an open source container framework. In versions prior to 29.5.1 and in moby/moby v2 prior to v2.0.0-beta.14, when a compressed archive is uploaded to a container via PUT /containers/id/archive or piped through docker cp -, the daemon resolves decompression binaries such as xz or unpigz fr...

7.2CVSS6.2AI score0.00153EPSS
Exploits0References7
NVD
NVD
added 2026/06/05 2:17 a.m.39 views

CVE-2026-41567

Moby is an open source container framework. In versions prior to 29.5.1 and in moby/moby v2 prior to v2.0.0-beta.14, when a compressed archive is uploaded to a container via PUT /containers/id/archive or piped through docker cp -, the daemon resolves decompression binaries such as xz or unpigz fr...

7.5CVSS0.00153EPSS
Exploits0References4
OSV
OSV
added 2026/06/05 2:17 a.m.7 views

UBUNTU-CVE-2026-41567

Moby is an open source container framework. In versions prior to 29.5.1 and in moby/moby v2 prior to v2.0.0-beta.14, when a compressed archive is uploaded to a container via PUT /containers/id/archive or piped through docker cp -, the daemon resolves decompression binaries such as xz or unpigz fr...

7.5CVSS6AI score0.00153EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/05 12:35 a.m.7 views

CVE-2026-41567

Moby is an open source container framework. In versions prior to 29.5.1 and in moby/moby v2 prior to v2.0.0-beta.14, when a compressed archive is uploaded to a container via PUT /containers/id/archive or piped through docker cp -, the daemon resolves decompression binaries such as xz or unpigz fr...

7.5CVSS6AI score0.00153EPSS
Exploits0
CVE
CVE
added 2026/06/05 12:35 a.m.61 views

CVE-2026-41567

CVE-2026-41567 affects Docker Engine and Moby earlier than 29.5.1 / moby/moby v2 before v2.0.0-beta.14. When uploading a compressed archive to a container via PUT /containers/{id}/archive or piping with docker cp -, the daemon resolves decompression binaries from the container filesystem rather t...

7.5CVSS6.3AI score0.00153EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/05 12:35 a.m.6 views

CVE-2026-41567

Moby is an open source container framework. In versions prior to 29.5.1 and in moby/moby v2 prior to v2.0.0-beta.14, when a compressed archive is uploaded to a container via PUT /containers/id/archive or piped through docker cp -, the daemon resolves decompression binaries such as xz or unpigz fr...

7.2CVSS6.2AI score0.00153EPSS
Exploits0References2Affected Software3
EUVD
EUVD
added 2026/06/05 12:35 a.m.10 views

EUVD-2026-34779

Moby is an open source container framework. In versions prior to 29.5.1 and in moby/moby v2 prior to v2.0.0-beta.14, when a compressed archive is uploaded to a container via PUT /containers/id/archive or piped through docker cp -, the daemon resolves decompression binaries such as xz or unpigz fr...

7.2CVSS6.3AI score0.00153EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/05 12:35 a.m.12 views

CVE-2026-41567 Docker: `PUT /containers/{id}/archive` executes container binary on the host

Moby is an open source container framework. In versions prior to 29.5.1 and in moby/moby v2 prior to v2.0.0-beta.14, when a compressed archive is uploaded to a container via PUT /containers/id/archive or piped through docker cp -, the daemon resolves decompression binaries such as xz or unpigz fr...

7.2CVSS6.2AI score0.00153EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2026/06/05 12:35 a.m.14 views

CVE-2026-41567

Moby is an open source container framework. In versions prior to 29.5.1 and in moby/moby v2 prior to v2.0.0-beta.14, when a compressed archive is uploaded to a container via PUT /containers/id/archive or piped through docker cp -, the daemon resolves decompression binaries such as xz or unpigz fr...

7.5CVSS6.3AI score0.00153EPSS
Exploits0
GithubExploit
GithubExploit
added 2026/05/30 7:17 a.m.92 views

Exploit for CVE-2025-9074

CVE-2025-9074: Docker Engine API Unauthenticated RCE Seve...

9.3CVSS6.4AI score0.01594EPSS
Exploits15
NVD
NVD
added 2026/05/22 7:17 p.m.25 views

CVE-2026-6406

The Docker CLI --use-api-socket flag bypasses Enhanced Container Isolation ECI restrictions in Docker Desktop. When ECI is enabled, Docker socket mounts from containers are denied unless explicitly allowed via the admin-settings configuration. However, the --use-api-socket flag adds the Docker...

8.8CVSS0.00211EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/22 6:32 p.m.20 views

CVE-2026-6406 Docker Desktop Enhanced Container Isolation bypass via --use-api-socket CLI flag

The Docker CLI --use-api-socket flag bypasses Enhanced Container Isolation ECI restrictions in Docker Desktop. When ECI is enabled, Docker socket mounts from containers are denied unless explicitly allowed via the admin-settings configuration. However, the --use-api-socket flag adds the Docker...

8.8CVSS0.00211EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/22 6:32 p.m.7 views

CVE-2026-6406

The Docker CLI --use-api-socket flag bypasses Enhanced Container Isolation ECI restrictions in Docker Desktop. When ECI is enabled, Docker socket mounts from containers are denied unless explicitly allowed via the admin-settings configuration. However, the --use-api-socket flag adds the Docker...

8.8CVSS7.3AI score0.00211EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/05/22 6:32 p.m.71 views

CVE-2026-6406

CVE-2026-6406 describes a local privilege-escalation in Docker Desktop via Enhanced Container Isolation (ECI). When ECI is enabled, container-originated Docker socket mounts are denied unless explicitly allowed; however, the Docker CLI flag --use-api-socket mounts the Docker socket using HostConf...

8.8CVSS7.3AI score0.00211EPSS
Exploits0References2Affected Software1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in docker.io

Moby is an open-source project created by Docker to enable software containerization. A bug was discovered in Moby Docker Engine where supplementary groups are not set up properly. If an attacker has direct access to a container and manipulates the supplementary group permissions, they may be abl...

6.3CVSS6.6AI score0.00807EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2026/05/15 5:38 p.m.78 views

Exploit for CVE-2025-9074

🐚 docker-shell A lightweight, dependency-free bash script tha...

9.3CVSS6.1AI score0.01594EPSS
Exploits15
The Hacker News
The Hacker News
added 2026/04/07 3:15 p.m.14 views

Docker CVE-2026-34040 Lets Attackers Bypass Authorization and Gain Host Access

A high-severity security vulnerability has been disclosed in Docker Engine that could permit an attacker to bypass authorization plugins AuthZ under specific circumstances. The vulnerability, tracked as CVE-2026-34040 CVSS score: 8.8, stems from an incomplete fix for CVE-2024-41110, a...

9.9CVSS6.1AI score0.16496EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2026/04/03 12:0 a.m.22 views

Docker Engine 29.3.1 Multiple Vulnerabilities

The version of the Docker Engine installed on the remote host is prior to 29.3.1. It is therefore affected by multiple vulnerabilities: - CVE-2026-34040: AuthZ plugin authorization bypass vulnerability. Authorization plugins could be bypassed under specific conditions, potentially allowing...

9.8CVSS6.1AI score0.08123EPSS
Exploits1References5
Rows per page
Query Builder