Package impact
Go / github.com/moby/moby/v2
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-42306 | high | — | 8.0 | 17d ago | Docker: Race condition in docker cp allows bind mount redirection to host path | |||
| CVE-2026-41567 | high | — | 8.0 | 17d ago | Docker: `PUT /containers/{id}/archive` executes container binary on the host | |||
| CVE-2026-34040 | high | — | 8.0 | 2mo ago | Moby has AuthZ plugin bypass when provided oversized request bodies | |||
| CVE-2026-33997 | unknown | — | — | 2mo ago | Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that allows plugins privilege validation to be bypassed during docker plugin install. D… |