9125 matches found
ROS-20260524-73-0027
Vulnerability in docker-ce related to bypassing the authentication procedure by using an alternate path or channel. Exploitation of the vulnerability could allow an attacker acting remotely to bypass existing security restrictions...
[SECURITY] Fedora 42 Update: docker-buildx-0.34.0-1.fc42
Docker CLI plugin for extended build capabilities with BuildKit...
[SECURITY] Fedora 42 Update: docker-buildkit-0.30.0-1.fc42
Concurrent, cache-efficient, and Dockerfile-agnostic builder toolkit...
[SECURITY] Fedora 43 Update: docker-buildkit-0.30.0-1.fc43
Concurrent, cache-efficient, and Dockerfile-agnostic builder toolkit...
[SECURITY] Fedora 43 Update: docker-buildx-0.34.0-1.fc43
Docker CLI plugin for extended build capabilities with BuildKit...
[SECURITY] Fedora 44 Update: docker-buildx-0.34.0-1.fc44
Docker CLI plugin for extended build capabilities with BuildKit...
[SECURITY] Fedora 44 Update: docker-buildkit-0.30.0-1.fc44
Concurrent, cache-efficient, and Dockerfile-agnostic builder toolkit...
PT-2026-42873
Name of the Vulnerable Software and Affected Versions Arcane versions prior to 1.19.2 Description The "PUT /api/environments/id/templates/variables" endpoint, used to write the system-wide .env.global file for variable substitution in project compose files, lacks an admin authorization check. Any...
CVE-2026-5843
The MLX inference backend in Docker Model Runner on macOS uses the MLX-LM library, which unconditionally imports and executes arbitrary Python files from model directories via the modelfile configuration field in config.json. When a model's config.json specifies a modelfile pointing to a Python...
CVE-2026-5843
The MLX inference backend in Docker Model Runner on macOS uses the MLX-LM library, which unconditionally imports and executes arbitrary Python files from model directories via the modelfile configuration field in config.json. When a model's config.json specifies a modelfile pointing to a Python...
CVE-2026-5843
The CVE describes a vulnerability in Docker Model Runner (macOS) where the MLX-LM backend unconditionally imports and executes arbitrary Python files specified by model_file in a model's config.json via importlib, without a trust_remote_code gate or sandboxing. This enables container-to-host arbi...
CVE-2026-5843 Docker Model Runner container-to-host code execution via MLX-LM model_file importlib loading
The MLX inference backend in Docker Model Runner on macOS uses the MLX-LM library, which unconditionally imports and executes arbitrary Python files from model directories via the modelfile configuration field in config.json. When a model's config.json specifies a modelfile pointing to a Python...
CVE-2026-5843 Docker Model Runner container-to-host code execution via MLX-LM model_file importlib loading
The MLX inference backend in Docker Model Runner on macOS uses the MLX-LM library, which unconditionally imports and executes arbitrary Python files from model directories via the modelfile configuration field in config.json. When a model's config.json specifies a modelfile pointing to a Python...
EUVD-2026-31491
The MLX inference backend in Docker Model Runner on macOS uses the MLX-LM library, which unconditionally imports and executes arbitrary Python files from model directories via the modelfile configuration field in config.json. When a model's config.json specifies a modelfile pointing to a Python...
CVE-2026-5817 Docker Model Runner container-to-host code execution via unsandboxed trust_remote_code in Python inference backends
The vllm-metal inference backend in Docker Model Runner on macOS unconditionally sets trustremotecode=True when loading model tokenizers, and runs without sandboxing. This causes transformers.AutoTokenizer.frompretrained to import and execute arbitrary Python files included in any model pulled fr...
CVE-2026-5817
The vllm-metal inference backend in Docker Model Runner on macOS unconditionally sets trustremotecode=True when loading model tokenizers, and runs without sandboxing. This causes transformers.AutoTokenizer.frompretrained to import and execute arbitrary Python files included in any model pulled fr...
EUVD-2026-31493
The vllm-metal inference backend in Docker Model Runner on macOS unconditionally sets trustremotecode=True when loading model tokenizers, and runs without sandboxing. This causes transformers.AutoTokenizer.frompretrained to import and execute arbitrary Python files included in any model pulled fr...
CVE-2026-5817 Docker Model Runner container-to-host code execution via unsandboxed trust_remote_code in Python inference backends
The vllm-metal inference backend in Docker Model Runner on macOS unconditionally sets trustremotecode=True when loading model tokenizers, and runs without sandboxing. This causes transformers.AutoTokenizer.frompretrained to import and execute arbitrary Python files included in any model pulled fr...
CVE-2026-5817
CVE-2026-5817 affects the vllm-metal backend used by Docker Model Runner on macOS. The backend loads model tokenizers with trust_remote_code=True, causing transformers.AutoTokenizer.from_pretrained() to import and execute arbitrary Python files from models pulled from an OCI registry. This can en...
CVE-2026-46680 vulnerabilities
Vulnerabilities for packages: headlamp, grype-db, eks-node-monitoring-agent-fips, zarf, cloudbeat, opa-fips-envoy, buildkitd, docker-compose, scorecard, kubevela-fips, amazon-ecs-agent-fips, helm-fips, ctop, fuse-overlayfs-snapshotter, grype, headlamp-fips, gitlab-rails-ce, k8sgpt,...