9125 matches found
CVE-2026-6406
The Docker CLI --use-api-socket flag bypasses Enhanced Container Isolation (ECI) restrictions in Docker Desktop. When ECI is enabled, Docker socket mounts from containers are denied unless explicitly allowed via the admin-settings configuration. However, the --use-api-socket flag adds the Docker...
CVE-2026-6406 Docker Desktop Enhanced Container Isolation bypass via --use-api-socket CLI flag
The Docker CLI --use-api-socket flag bypasses Enhanced Container Isolation (ECI) restrictions in Docker Desktop. When ECI is enabled, Docker socket mounts from containers are denied unless explicitly allowed via the admin-settings configuration. However, the --use-api-socket flag adds the Docker...
CVE-2026-6406
CVE-2026-6406 describes a local privilege-escalation in Docker Desktop via Enhanced Container Isolation (ECI). When ECI is enabled, container-originated Docker socket mounts are denied unless explicitly allowed; however, the Docker CLI flag --use-api-socket mounts the Docker socket using HostConf...
EUVD-2026-31484
The Docker CLI --use-api-socket flag bypasses Enhanced Container Isolation (ECI) restrictions in Docker Desktop. When ECI is enabled, Docker socket mounts from containers are denied unless explicitly allowed via the admin-settings configuration. However, the --use-api-socket flag adds the Docker...
Exploit for CVE-2026-5817
CVE-2026-5817: Docker Model Runner container-to-host RCE / Esc...
Docker Model Runner security vulnerability
Docker Model Runner is an open-source Docker model runner developed by Docker. Docker Model Runner vllm-metal contains a security vulnerability. This vulnerability arises from setting trust_remote_code=True without any sandbox protection. It may allow arbitrary Python files to be executed during...
PT-2026-42831
Name of the Vulnerable Software and Affected Versions: Docker Model Runner on macOS (affected versions not specified). Description: The MLX inference backend uses the MLX-LM library, which imports and executes arbitrary Python files from model directories via the model file configuration field in the...
Docker Desktop security vulnerability
Docker Desktop is a desktop software by the American company Docker, based on container technology, designed for lightweight application deployment. This product provides a desktop environment that allows creating containers (lightweight virtual machines) on Linux/Windows/Mac OS systems, as well as...
Docker Model Runner security vulnerability
Docker Model Runner is an open-source Docker model runner developed by Docker. There is a security vulnerability in Docker Model Runner MLX. This vulnerability stems from the unconditional import and execution of any Python file in the model directory. It may allow malicious models to be pulled...
PT-2026-42830
Name of the Vulnerable Software and Affected Versions: Docker Model Runner on macOS (affected versions not specified). Description: The vllm-metal inference backend unconditionally sets trust_remote_code=True when loading model tokenizers and operates without sandboxing. This allows the...
Docker Desktop < 4.68.0 Container Escape (CVE-2026-5817)
The version of Docker Desktop installed on the remote host is prior to 4.68.0. It is, therefore, affected by a container escape vulnerability: - A container-to-host code execution vulnerability exists in the Docker Model Runner vllm-metal inference backend. An attacker with access to a container...
Docker Desktop < 4.71.0 Container Escape (CVE-2026-5843)
The version of Docker Desktop installed on the remote host is prior to 4.71.0. It is, therefore, affected by a container escape vulnerability: - A container-to-host code execution vulnerability exists in the Docker Model Runner MLX inference backend. An attacker with access to a container could...
MAL-2026-4228 Malicious code in @tiledesk/tiledesk-server (npm)
@tiledesk/tiledesk-server version 2.18.12 is a compromised release of the legitimate Tiledesk customer support platform package. This version was injected with a CI pipeline backdoor as part of the megalodon campaign — a mass GitHub repository backdooring operation targeting CI/CD runner...
CVE-2026-45409 vulnerabilities
Vulnerabilities for packages: kubeflow-pipelines-visualization-server, open-webui, dask-kubernetes, mlflow, superset, airflow, jwt-tool, kubeflow-volumes-web-app, ggshield, kserve, datadog-agent, httpie, kubeflow-pipelines, reflex, semgrep, jupyter-base-notebook, kubeflow-jupyter-web-app,...
GHSA-65PC-FJ4G-8RJX vulnerabilities
Vulnerabilities for packages: kubeflow-pipelines-visualization-server, open-webui, dask-kubernetes, mlflow, superset, airflow, jwt-tool, kubeflow-volumes-web-app, ggshield, kserve, datadog-agent, httpie, kubeflow-pipelines, reflex, semgrep, jupyter-base-notebook, kubeflow-jupyter-web-app,...
CVE-2026-45409 vulnerabilities
Vulnerabilities for packages: airflow-core, authentik, wazuh-manager, jupyter-base-notebook, pgadmin4, ggshield, datadog-agent-fips, ansible-operator-fips, dask-kubernetes, dbt-bigquery, mlflow, kubeflow-pipelines, jwt-tool, wazuh-manager-fips, pgadmin4-fips, httpie, superset, dask-kubernetes-fip...
GHSA-65PC-FJ4G-8RJX vulnerabilities
Vulnerabilities for packages: airflow-core, authentik, wazuh-manager, jupyter-base-notebook, pgadmin4, ggshield, datadog-agent-fips, ansible-operator-fips, dask-kubernetes, dbt-bigquery, mlflow, kubeflow-pipelines, jwt-tool, wazuh-manager-fips, pgadmin4-fips, httpie, superset, dask-kubernetes-fip...
ai-pentest-lab
AI Pentest Lab: offensive security demo with AI for talk...