4 matches found
CVE-2026-54319
Daytona is a secure and elastic infrastructure runtime for AI-generated code execution and agent workflows. Prior to 0.186, a sandbox volume reference volumeId, which may also be a volume name was forwarded to the runner and used to build the host bind-mount source path without confinement. A...
Exploit for Authentication Bypass Using an Alternate Path or Channel in Mobyproject Moby
CVE-2026-34040 Full Lab PoC Docker/Moby AuthZ Plugin Bypass...
runc: vulnerable to symlink exchange attack
The runc package is vulnerable to a symlink exchange attack whereby an attacker can request a seemingly innocuous container configuration that results in the host filesystem being bind-mounted into the container. The highest threat from this vulnerability is to data confidentiality and integrity ...
runc: vulnerable to symlink exchange attack
The runc package is vulnerable to a symlink exchange attack whereby an attacker can request a seemingly innocuous container configuration that results in the host filesystem being bind-mounted into the container. The highest threat from this vulnerability is to data confidentiality and integrity ...