CVE-2026-39821 affecting package docker-cli for versions less than 25.0.7-3

CVE-2026-39821 affecting package docker-cli for versions less than 25.0.7-3. A patched version of the package is available...

ROOT-APP-GOBINARY-CVE-2025-15558 CVE-2025-15558 in rootio-github.com/docker/cli - Patched by Root

Root has patched CVE-2025-15558 in the rootio-github.com/docker/cli package for Root:Go. Multiple fixed versions available...

CVE-2026-6406

The Docker CLI --use-api-socket flag bypasses Enhanced Container Isolation ECI restrictions in Docker Desktop. When ECI is enabled, Docker socket mounts from containers are denied unless explicitly allowed via the admin-settings configuration. However, the --use-api-socket flag adds the Docker...

Astra Linux - уязвимость в docker.io

Docker CLI is the command-line interface for the Docker container runtime. A bug was discovered in Docker CLI where running docker login my-private-registry.example.com with a misconfigured configuration file typically /.docker/config.json, which lists a credsStore or credhelpers that cannot be...

[SECURITY] Fedora 42 Update: podman-5.8.2-1.fc42

podman Pod Manager is a fully featured container engine that is a simple daemonless tool. podman provides a Docker-CLI comparable command line that eases the transition from other container engines and allows the management of pods, containers and images. Simply put: alias docker=3Dpodman. Most...

GHSA-PC3F-X583-G7J2 vulnerabilities

Vulnerabilities for packages: trivy-operator, argo-cd, kpt, kwok, redis-operator, kubeflow-pipelines, trivy, juicefs-csi-driver, jitsucom-bulker, cloudnative-pg, zarf, gitlab-runner, kubevela, consul-k8s, skaffold, cluster-api, teleport, gitlab-kas, velero, cri-tools, docker-cli-buildx, istio,...

[SECURITY] Fedora 43 Update: podman-5.8.2-1.fc43

podman Pod Manager is a fully featured container engine that is a simple daemonless tool. podman provides a Docker-CLI comparable command line that eases the transition from other container engines and allows the management of pods, containers and images. Simply put: alias docker=3Dpodman. Most...

Security Bulletin: IBM Planning Analytics Cartridge has addressed a security vulnerability in Docker CLI (CVE-2025-15558)

Summary IBM Planning Analytics Cartridge is considered affected by a vulnerability in Docker CLI Vulnerability Details CVEID:CVE-2025-15558 DESCRIPTION: Docker CLI for Windows searches for plugin binaries in C:\ProgramData\Docker\cli-plugins, a directory that does not exist by default. A...

GHSA-7MR4-XJXG-34G6 vulnerabilities

Vulnerabilities for packages: terraform-provider-pagerduty, k8s-device-plugin, hubble-ui, spqr, aws-flb-firehose, minio-object-browser, juicefs-csi-driver, cert-manager-csi-driver, grpcurl, nginx-prometheus-exporter, cerbos, cloud-sql-proxy, gitaly, kubernetes-csi-driver-hostpath,...

CVE-2026-32288 vulnerabilities

Vulnerabilities for packages: flux-fips, grafana-fips, libnvidia-container, openbao, kine, witness, gh, gatekeeper-fips, kubescape, xeol-fips, gomplate-fips, kube-mgmt-fips, rancher, kube-arangodb, grafana, gitlab-kas, kubernetes-fips, redka, buildah-fips, rancher-agent, trivy-fips,...

GHSA-X4JJ-H2V8-HQQV vulnerabilities

Vulnerabilities for packages: flux-fips, grafana-fips, libnvidia-container, openbao, kine, witness, gh, gatekeeper-fips, kubescape, xeol-fips, gomplate-fips, kube-mgmt-fips, rancher, kube-arangodb, grafana, gitlab-kas, kubernetes-fips, redka, buildah-fips, rancher-agent, trivy-fips,...

CVE-2026-32281 vulnerabilities

Vulnerabilities for packages: kubernetes-csi-livenessprobe-fips, grafana-mimir, nri-mssql-fips, flux-fips, grafana-beyla, descheduler, grafana-fips, request-1279, yunikorn-web-fips, libnvidia-container, openbao, kine, kyverno-policy-reporter-ui, seaweedfs-operator-fips,...

CVE-2026-32283 vulnerabilities

Vulnerabilities for packages: kubernetes-csi-livenessprobe-fips, grafana-mimir, nri-mssql-fips, flux-fips, grafana-beyla, descheduler, grafana-fips, request-1279, yunikorn-web-fips, libnvidia-container, openbao, kine, kyverno-policy-reporter-ui, seaweedfs-operator-fips,...

GHSA-JRG3-GFJW-HM96 vulnerabilities

Vulnerabilities for packages: kubernetes-csi-livenessprobe-fips, grafana-mimir, nri-mssql-fips, flux-fips, grafana-beyla, descheduler, grafana-fips, request-1279, yunikorn-web-fips, libnvidia-container, openbao, kine, kyverno-policy-reporter-ui, seaweedfs-operator-fips,...

GHSA-HFVC-G4FC-PQHX vulnerabilities

Vulnerabilities for packages: fluent-bit-plugin-loki, kaniko, kubernetes-csi-external-snapshotter, opa, spicedb, blob-csi, cass-operator, ferretdb, sftpgo-plugin-kms, rekor, fulcio, kubernetes-csi-external-provisioner, zarf, cerbos, rabbitmq-messaging-topology-operator, gitaly,...

CLEANSTART-2026-CO68219 Docker CLI for Windows searches for plugin binaries in C:\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ProgramData\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\Docker\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\cli-plugins, a directory that does not exist by default

Multiple security vulnerabilities affect the istio-fips package. Docker CLI for Windows searches for plugin binaries in...

CVE-2026-33747 vulnerabilities

Vulnerabilities for packages: trivy-operator, zot, kaniko, guac, docker-cli-buildx, buildah, trivy, kubescape, scorecard, docker-compose, conftest, osv-scanner, skaffold...

CVE-2026-33748 vulnerabilities

Vulnerabilities for packages: trivy-operator, zot, kaniko, guac, docker-cli-buildx, buildah, trivy, kubescape, scorecard, docker-compose, conftest, osv-scanner, skaffold...

GHSA-4VRQ-3VRQ-G6GG vulnerabilities

Vulnerabilities for packages: trivy-operator, zot, kaniko, guac, docker-cli-buildx, buildah, trivy, kubescape, scorecard, docker-compose, conftest, osv-scanner, skaffold...

GHSA-4C29-8RGM-JVJJ vulnerabilities

Vulnerabilities for packages: trivy-operator, zot, kaniko, guac, docker-cli-buildx, buildah, trivy, kubescape, scorecard, docker-compose, conftest, osv-scanner, skaffold...