Docker and Docker Desktop Flaws Expose Systems to Security Bypass Risks
German authorities issued advisories for multiple vulnerabilities in Docker and a separate Docker Desktop flaw that allows security measures to be bypassed, highlighting security risks across both the container engine ecosystem and the desktop management platform. The notices identify Docker broadly as affected in one case, while the other specifically warns that Docker Desktop contains a vulnerability that could let attackers circumvent intended protections.
The paired advisories indicate that organizations using Docker in development or production environments may face exposure from both general software weaknesses and a more targeted bypass issue in Docker Desktop. Security teams should review affected versions, assess where Docker and Docker Desktop are deployed, and prioritize vendor guidance and patching to reduce the risk of unauthorized access or weakened container security controls.
Get ahead of threats like this
Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
How this story unfolded
3 events from the most recent confirmed update back to the earliest known activity.
dCERT discloses Docker Desktop privilege escalation vulnerability
dCERT published Advisory 2026-1237 for Docker Desktop describing a vulnerability that allows privilege escalation. No additional technical details or remediation information are provided in the reference content.
dCERT warns of Docker Desktop security bypass vulnerability
dCERT published Advisory 2026-0973 for Docker Desktop describing a vulnerability that allows bypassing security measures. The reference does not include additional remediation or impact details.
dCERT publishes advisory on multiple Docker vulnerabilities
dCERT issued Advisory 2026-0851 covering multiple vulnerabilities affecting Docker. No further technical details are provided in the reference content.
Related entities
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
Sources
3 references tracked. Mallory keeps watching after this page renders.
dCERT - Advisory 2026-1237 - Docker Desktop: Vulnerability allows privilege escalation
dcert.de
Open sourcedCERT - Advisory 2026-0973 - Docker Desktop: Vulnerability allows bypassing security measures
dcert.de
Open sourcedCERT - Advisory 2026-0851 - docker: Multiple Vulnerabilities
dcert.de
Open sourceSee the full picture, correlated to your attack surface.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.
Related stories
Other stories Mallory is tracking that overlap on entities, sources, or topic labels.
Multiple Docker and Docker Desktop Model Runner Flaws Enable Code Execution
dCERT published advisory `2026-1556` warning of multiple vulnerabilities in **Docker**, followed by advisory `2026-1631` covering **Docker Desktop Model Runner** flaws that can allow **code execution**. The notices indicate that security issues affect both the core container ecosystem and a Docker Desktop component used for model execution, expanding the potential attack surface across developer and workstation environments. The paired advisories highlight a broader risk to organizations relying on Docker tooling: attackers may be able to exploit multiple weaknesses to run unauthorized code on affected systems. Security teams using Docker or Docker Desktop should review the impacted products and versions referenced in the dCERT advisories, prioritize patching, and assess whether developer endpoints or container-management workflows are exposed to these vulnerabilities.
May 26, 2026
Docker Desktop for Windows 0-Days Enable Host Privilege Escalation From Containers
Zero Day Initiative disclosed two **Docker Desktop for Windows** privilege-escalation flaws after Docker rejected the reports as outside its threat model. The first issue, tracked as **ZDI-26-258** / `ZDI-CAN-27229`, affects the `extension-manager` component and is caused by an exposed dangerous function in Docker Extensions. ZDI said an attacker who can already execute high-privileged code inside a container could exploit the flaw to run arbitrary code on the Windows host as **SYSTEM**. The advisory lists no assigned CVE and a **CVSS 8.2** score, and credits **Nitesh Surana of TrendAI Research** with the discovery. A second advisory, **ZDI-26-260** / `ZDI-CAN-27571`, describes an uncontrolled search path issue in the Docker Desktop `system/editor` endpoint caused by execution of a program from an unsecured location. ZDI said exploitation requires an attacker to first escape the container and execute high-privileged code inside the Docker **Hyper-V VM**, after which arbitrary code can be run on the host in the context of the current user; the flaw carries a **CVSS 7.5** score. The issue was reported to Docker in July 2025 by **Nitesh Surana and Nelson William Gamazo Sanchez of TrendAI Research**, but was later published as a 0-day after the vendor declined to address it because it depended on prior privileged access.
May 25, 2026
Docker Engine AuthZ Bypass Flaw Enables Host Access via Oversized API Requests
Docker disclosed a high-severity Docker Engine vulnerability, **CVE-2026-34040** (`CVSS 8.8`), that allows attackers to bypass authorization plugins and perform actions that should be blocked. The flaw stems from an incomplete fix for **CVE-2024-41110** and is triggered when a specially crafted oversized Docker API request causes the request body to be dropped before inspection by an AuthZ plugin. In affected environments, the plugin may approve container operations it would otherwise deny, opening a path to unauthorized privileged actions and potential host compromise. Researchers said an attacker with Docker API access could exploit the bug by padding a container-creation request beyond **1 MB** to launch a privileged container with access to the host filesystem, exposing sensitive assets such as **AWS credentials**, **SSH keys**, and **Kubernetes configurations**. The issue affects deployments that rely on authorization plugins inspecting request bodies, while environments not using those plugins are not impacted. Docker patched the vulnerability in **Docker Engine 29.3.1** and urged defenders to upgrade, restrict Docker API access, avoid AuthZ plugins that depend on request-body inspection, and use controls such as rootless mode, user namespace remapping, and least-privilege access to reduce risk.
Apr 8, 2026