CVE-2021-41092

CVE-2021-41092 describes a Docker CLI vulnerability where docker login against a misconfigured credentials store (credsStore/credHelpers) could cause credentials to be sent to registry-1.docker.io instead of a private registry. The issue affects the Docker CLI and was fixed in Docker CLI 20.10.9....

CVE-2025-15558

Docker Desktop vulnerability CVE-2025-15558 involves the Docker CLI for Windows. The CLI searches for plugin binaries in C:\ProgramData\Docker\cli-plugins, a directory that does not exist by default. A low-privileged attacker can create this directory and place malicious CLI plugin binaries (e.g....