CVE-2026-39821 affecting package docker-cli for versions less than 25.0.7-3

CVE-2026-39821 affecting package docker-cli for versions less than 25.0.7-3. A patched version of the package is available...

ROOT-APP-GOBINARY-CVE-2025-15558 CVE-2025-15558 in rootio-github.com/docker/cli - Patched by Root

Root has patched CVE-2025-15558 in the rootio-github.com/docker/cli package for Root:Go. Multiple fixed versions available...

CVE-2026-6406

The Docker CLI --use-api-socket flag bypasses Enhanced Container Isolation ECI restrictions in Docker Desktop. When ECI is enabled, Docker socket mounts from containers are denied unless explicitly allowed via the admin-settings configuration. However, the --use-api-socket flag adds the Docker...

Astra Linux - уязвимость в docker.io

Docker CLI is the command-line interface for the Docker container runtime. A bug was discovered in Docker CLI where running docker login my-private-registry.example.com with a misconfigured configuration file typically /.docker/config.json, which lists a credsStore or credhelpers that cannot be...

[SECURITY] Fedora 42 Update: podman-5.8.2-1.fc42

podman Pod Manager is a fully featured container engine that is a simple daemonless tool. podman provides a Docker-CLI comparable command line that eases the transition from other container engines and allows the management of pods, containers and images. Simply put: alias docker=3Dpodman. Most...

GHSA-PC3F-X583-G7J2 vulnerabilities

Vulnerabilities for packages: datadog-agent, gitlab-kas, kpt, argo-rollouts, kubescape, kube-arangodb, juicefs-csi-driver, eksctl, k3s, cilium, k8ssandra-client, kiali, redis-operator, verticadb-operator, k9s, jitsucom-bulker, kubeflow-pipelines, rancher-fleet, kubevela, tigera-operator, trivy,...

[SECURITY] Fedora 43 Update: podman-5.8.2-1.fc43

podman Pod Manager is a fully featured container engine that is a simple daemonless tool. podman provides a Docker-CLI comparable command line that eases the transition from other container engines and allows the management of pods, containers and images. Simply put: alias docker=3Dpodman. Most...

Security Bulletin: IBM Planning Analytics Cartridge has addressed a security vulnerability in Docker CLI (CVE-2025-15558)

Summary IBM Planning Analytics Cartridge is considered affected by a vulnerability in Docker CLI Vulnerability Details CVEID:CVE-2025-15558 DESCRIPTION: Docker CLI for Windows searches for plugin binaries in C:\ProgramData\Docker\cli-plugins, a directory that does not exist by default. A...

GHSA-7MR4-XJXG-34G6 vulnerabilities

Vulnerabilities for packages: gitlab-kas, cluster-autoscaler, cloud-provider-aws, kubescape, cue, kube-arangodb, kube-vip, opencost, bento, otel-cli, vault-benchmark, tkn, kyverno-notation-aws, descheduler, db-operator, kine, mcp-grafana, nuclei, promxy, secrets-store-csi-driver-provider-azure,...

CVE-2026-32288 vulnerabilities

Vulnerabilities for packages: gitlab-kas, mailpit, minio-fips, openbao, ko-fips, flux-source-watcher-fips, cloudbeat, coredns-fips, libnvidia-container-fips, envconsul-fips, kubernetes, keda, gitleaks, gitea-fips, chartmuseum-fips, nats-server, pulumi-language-yaml, tekton-pipelines-fips,...

GHSA-X4JJ-H2V8-HQQV vulnerabilities

Vulnerabilities for packages: gitlab-kas, mailpit, minio-fips, openbao, ko-fips, flux-source-watcher-fips, cloudbeat, coredns-fips, libnvidia-container-fips, envconsul-fips, kubernetes, keda, gitleaks, gitea-fips, chartmuseum-fips, nats-server, pulumi-language-yaml, tekton-pipelines-fips,...

CVE-2026-32281 vulnerabilities

Vulnerabilities for packages: gitlab-kas, mailpit, ctop, minio-fips, nats-top, vault-k8s-fips, kubernetes-dashboard-metrics-scraper, flannel-fips, cert-exporter, mods, db-operator, promxy, terraform-provider-databricks-fips, nri-mysql, omnibump, openbao, ko-fips, git-sync-fips,...

CVE-2026-32283 vulnerabilities

Vulnerabilities for packages: gitlab-kas, mailpit, ctop, minio-fips, nats-top, vault-k8s-fips, kubernetes-dashboard-metrics-scraper, flannel-fips, cert-exporter, mods, db-operator, promxy, terraform-provider-databricks-fips, nri-mysql, omnibump, openbao, ko-fips, git-sync-fips,...

GHSA-JRG3-GFJW-HM96 vulnerabilities

Vulnerabilities for packages: gitlab-kas, mailpit, ctop, minio-fips, nats-top, vault-k8s-fips, kubernetes-dashboard-metrics-scraper, flannel-fips, cert-exporter, mods, db-operator, promxy, terraform-provider-databricks-fips, nri-mysql, omnibump, openbao, ko-fips, git-sync-fips,...

GHSA-HFVC-G4FC-PQHX vulnerabilities

Vulnerabilities for packages: wolfictl, gitlab-kas, sops, cluster-autoscaler, cloud-provider-aws, kubescape, hydra, kube-arangodb, opencost, octo-sts, bento, otel-cli, tflint, kyverno-notation-aws, descheduler, cert-manager-webhook-pdns, mcp-grafana, kine, secrets-store-csi-driver-provider-azure,...

CLEANSTART-2026-CO68219 Docker CLI for Windows searches for plugin binaries in C:\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ProgramData\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\Docker\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\cli-plugins, a directory that does not exist by default

Multiple security vulnerabilities affect the istio-fips package. Docker CLI for Windows searches for plugin binaries in...

CVE-2026-33747 vulnerabilities

Vulnerabilities for packages: buildah, kaniko, conftest, kubescape, osv-scanner, trivy, trivy-operator, skaffold, docker-compose, scorecard, docker-cli-buildx, guac, zot...

CVE-2026-33748 vulnerabilities

Vulnerabilities for packages: buildah, kaniko, conftest, kubescape, osv-scanner, trivy, trivy-operator, skaffold, docker-compose, scorecard, docker-cli-buildx, guac, zot...

GHSA-4VRQ-3VRQ-G6GG vulnerabilities

Vulnerabilities for packages: buildah, kaniko, conftest, kubescape, osv-scanner, trivy, trivy-operator, skaffold, docker-compose, scorecard, docker-cli-buildx, guac, zot...

GHSA-4C29-8RGM-JVJJ vulnerabilities

Vulnerabilities for packages: buildah, kaniko, conftest, kubescape, osv-scanner, trivy, trivy-operator, skaffold, docker-compose, scorecard, docker-cli-buildx, guac, zot...