| CVE |
Severity |
CVSS |
Risk |
Published |
Description |
Impact |
| CVE-2026-42306 |
high |
— |
8.0 |
9d ago |
Docker: Race condition in docker cp allows bind mount redirection to host path |
|
| CVE-2026-41567 |
high |
— |
8.0 |
9d ago |
Docker: `PUT /containers/{id}/archive` executes container binary on the host |
|
| CVE-2026-34040 |
high |
— |
8.0 |
2mo ago |
Moby has AuthZ plugin bypass when provided oversized request bodies |
|
| CVE-2026-41568 |
medium |
— |
5.5 |
9d ago |
Docker: Race condition in docker cp allows creation of arbitrary empty files on the host via symlink swap |
|
| CVE-2026-33997 |
unknown |
— |
— |
2mo ago |
Moby has an Off-by-one error in its plugin privilege validation in github.com/docker/docker |
|