CVE-2026-2664

Medium CVSS: 6.8

An out of bounds read vulnerability in the grpcfuse kernel module present in the Linux VM in Docker Desktop for Windows, Linux and macOS up to version 4.61.0 could allow a local attacker to cause an unspecified impact by writing to /proc/docker entries. The issue has been fixed in Docker Desktop 4.62.0 .

Vendor

Docker

Product

Desktop

CWE

CWE-125

Yayın Tarihi

2026-02-24 10:16:03

Güncelleme

2026-02-27 17:56:12

Source Identifier

security@docker.com

KEV Date Added

Kategoriler

CWE-125 Desktop MEDIUM Docker 2026

Referanslar

https://docs.docker.com/desktop/release-notes/#4620

Benzer Kayıtlar

High

CVE-2025-15558

Docker CLI for Windows searches for plugin binaries in C:\ProgramData\Docker\cli-plugins, a directory that does not exis…

Low

CVE-2025-13743

Docker Desktop diagnostics bundles were found to include expired Hub PATs in log output due to error object serializatio…

High

CVE-2025-64443

MCP Gateway allows easy and secure running and deployment of MCP servers. In versions 0.27.0 and earlier, when MCP Gatew…

High

CVE-2025-3224

A vulnerability in the update process of Docker Desktop for Windows versions prior to 4.41.0 could allow a local, low-pr…