Package impact
GO / github.com/moby/moby/v2
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-42306 | high | — | 8.0 | 10d ago | Docker: Race condition in docker cp allows bind mount redirection to host path | |||
| CVE-2026-41567 | high | — | 8.0 | 10d ago | Docker: `PUT /containers/{id}/archive` executes container binary on the host | |||
| CVE-2026-34040 | high | — | 8.0 | 2mo ago | Moby has AuthZ plugin bypass when provided oversized request bodies | |||
| CVE-2026-41568 | medium | — | 5.5 | 10d ago | Docker: Race condition in docker cp allows creation of arbitrary empty files on the host via symlink swap |