5 matches found
EUVD-2026-31493
The vllm-metal inference backend in Docker Model Runner on macOS unconditionally sets trust_remote_code=True when loading model tokenizers, and runs without sandboxing. This causes transformers.AutoTokenizer.from_pretrained to import and execute arbitrary Python files included in any model pulled fr...
Docker Desktop < 4.67.0 SSRF
The version of Docker Desktop is prior to 4.67.0. It is therefore affected by a server-side request forgery vulnerability. - Docker Model Runner contains an SSRF vulnerability in its OCI registry token exchange flow. When pulling a model, Model Runner follows the realm URL from the registry's...
Docker Desktop < 4.67.0 SSRF (CVE-2026-33990)
The version of Docker Desktop installed on the remote host is prior to 4.67.0. It is, therefore, affected by a server-side request forgery (SSRF) vulnerability: - Docker Model Runner contains an SSRF vulnerability in its OCI registry token exchange flow. When pulling a model, Model Runner follows t...
podman: podman missing TLS verification
A flaw was found in Podman. The podman machine init command fails to verify the TLS certificate when downloading the VM images from an OCI registry. This issue results in a Man In The Middle attack...
podman: podman missing TLS verification
A flaw was found in Podman. The podman machine init command fails to verify the TLS certificate when downloading the VM images from an OCI registry. This issue results in a Man In The Middle attack...