docker inc.

Top products

The 15 most recently published vulnerabilities affecting docker inc..

• CVE-2026-33748BuildKit Git URL subdir component can cause access to restricted files7.5Mar 27, 2026
• CVE-2026-33747BuildKit vulnerable to malicious frontend causing file escape outside of storage root8.4Mar 27, 2026
• CVE-2026-28400Docker Model Runner Unauthenticated Runtime Flag Injection via _configure Endpoint7.5Feb 27, 2026
• CVE-2025-14740Docker Desktop for Windows Incorrect Permission Assignment Privilege Escalation Vulnerabilities6.7Feb 4, 2026
• CVE-2025-13743Expired Personal Access Tokens (PATs) are recorded in Docker Desktop diagnostic logs7.5Dec 9, 2025
• CVE-2025-62725Docker Compose Vulnerable to Path Traversal via OCI Artifact Layer Annotations8.8Oct 27, 2025
• CVE-2025-9164Multiple DLL Search Order Hijacking Vulnerabilities in Docker Desktop Installer for Windows7.8Oct 27, 2025
• CVE-2025-9074Docker Desktop allows unauthenticated access to Docker Engine API from containers8.6Aug 20, 2025
• CVE-2025-6587Exposure of system environment variables in Docker Desktop diagnostic logs6.5Jul 3, 2025
• CVE-2025-3224Elevation of Privilege in Docker Desktop for Windows during Upgrade due to Insecure Directory Deletion7.8Apr 28, 2025
• CVE-2025-0495Secrets leakage to telemetry endpoint via cache backend configuration via buildx3.3Mar 17, 2025
• CVE-2024-9348Docker Desktop before v4.34.3 allows RCE via unsanitized GitHub source link in Build view9.0Oct 16, 2024
• CVE-2024-41110Moby authz zero length regression9.9Jul 24, 2024
• CVE-2024-6222In Docker Desktop before v4.29.0 an attacker who has gained access to the Docker Desktop VM through a container breakout can further escape to the host by passing extensions and dashboard related IPC messages7.0Jul 9, 2024
• CVE-2024-5652In Docker Desktop on Windows before v4.31.0 allows a user in the docker-users group to cause a Windows Denial-of-Service through the exec-path Docker daemon config option in Windows containers mode6.1Jul 9, 2024