Package impact
GO / github.com/docker/docker
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-42306 | high | — | 8.0 | 17d ago | Docker: Race condition in docker cp allows bind mount redirection to host path | |||
| CVE-2026-34040 | high | — | 8.0 | 2mo ago | Moby has AuthZ plugin bypass when provided oversized request bodies | |||
| CVE-2026-41567 | high | 7.2 | 7.2 | 17d ago | Moby is an open source container framework. In versions prior to 29.5.1 and in moby/moby v2 prior to v2.0.0-beta.14, when a compressed archive is uploaded to a container via `PUT /containers/{id}/arc… | |||
| CVE-2026-41568 | medium | — | 5.5 | 17d ago | Docker: Race condition in docker cp allows creation of arbitrary empty files on the host via symlink swap |