About “Docker Engine”

A curated feed of “Docker Engine”-related CVEs appears below. We currently track 30 CVEs for this tag (all time). In the last 365 days, 5 were published. Average CVSS is 6.5 (all time; 6.5 over 365d), and 47% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-909 - Missing Initialization of Resource, CWE-863 - Incorrect Authorization, CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal').

In our taxonomy this topic maps to a MODERATE impact class. Container and Kubernetes fixes usually require image rebuilds and control plane or node upgrades. Prioritize exposed surfaces, restart workloads on patched bases, and tighten RBAC and NetworkPolicies. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.

Support & lifecycle: docker-engine

This table shows recent release cycles and their projected end-of-life. Data source: endoflife.date.

Cycle   Release   Latest     EOL       LTS
29                29.5.2     -
28                28.5.2     -
27                27.5.1     Expired
26.1              26.1.5     Expired
26.0              26.0.2     Expired
25.0              25.0.16    -
24.0              24.0.9     Expired
23.0              23.0.18    Expired
20.10             20.10.27   Expired
19.03             19.03.15   Expired
18.09             18.09.9    Expired
18.06             18.06.3    Expired
18.05             18.05.0    Expired
18.04             18.04.0    Expired
18.03             18.03.1    Expired
18.02             18.02.0    Expired
17.12             17.12.1    Expired
18.01             18.01.0    Expired
17.11             17.11.0    Expired
17.10             17.10.0    Expired
17.09             17.09.1    Expired
17.07             17.07.0    Expired
17.06             17.06.2    Expired
17.05             17.05.0    Expired
17.04             17.04.0    Expired
17.03             17.03.2    Expired

Legend: Maintained · Soon (≤ 180 days) · Expired


CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).

2026-05-22
High

CVE-2026-6406

The Docker CLI --use-api-socket flag bypasses Enhanced Container Isolation (ECI) restrictions in Docker Desktop. When ECI is enabled, Docker socket mounts from containers are denied unless explicitly…

2026-02-27
Medium

CVE-2026-27734

Beszel is a server monitoring platform. Prior to version 0.18.2, the hub's authenticated API endpoints GET /api/beszel/containers/logs and GET /api/beszel/containers/info pass the user-supplied "cont…

2025-08-20
Critical

CVE-2025-9074

A vulnerability was identified in Docker Desktop that allows local running Linux containers to access the Docker Engine API via the configured Docker subnet, at 192.168.65.7:2375 by default. This vul…

2025-07-30
Low

CVE-2025-54410

Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. A firewalld vulne…

Medium

CVE-2025-54388

Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. In versions 28.2.…

2024-07-24
Critical

CVE-2024-41110

Moby is an open-source project created by Docker for software containerization. A security vulnerability has been detected in certain versions of Docker Engine, which could allow an attacker to bypas…

2024-04-18
Medium

CVE-2024-32473

Moby is an open source container framework that is a key component of Docker Engine, Docker Desktop, and other distributions of container tooling or runtimes. In 26.0.0, IPv6 is not disabled on netwo…

2024-03-20
Medium

CVE-2024-29018

Moby is an open source container framework that is a key component of Docker Engine, Docker Desktop, and other distributions of container tooling or runtimes. Moby's networking implementation allows…

2023-03-13
High

CVE-2023-0629

Docker Desktop before 4.17.0 allows an unprivileged user to bypass Enhanced Container Isolation (ECI) restrictions by setting the Docker host to docker.raw.sock, or npipe:////.pipe/docker_engine_linu…

2022-09-09
Medium

CVE-2022-36109

Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby (Docker Engine) where supplementary groups are not set up properly. If an attacker has di…

2022-04-18
Medium

CVE-2022-27652

A flaw was found in cri-o, where containers were incorrectly started with non-empty default permissions. A vulnerability was found in Moby (Docker Engine) where containers started incorrectly with no…

2022-04-04
Medium

CVE-2022-27651

A flaw was found in buildah where containers were incorrectly started with non-empty default permissions. A bug was found in Moby (Docker Engine) where containers were incorrectly started with non-em…

High

CVE-2022-27650

A flaw was found in crun where containers were incorrectly started with non-empty default permissions. A vulnerability was found in Moby (Docker Engine) where containers were started incorrectly with…

High

CVE-2022-27649

A flaw was found in Podman, where containers were started incorrectly with non-empty default permissions. A vulnerability was found in Moby (Docker Engine), where containers were started incorrectly…

2022-03-24
Medium

CVE-2022-24769

Moby is an open-source project created by Docker to enable and accelerate software containerization. A bug was found in Moby (Docker Engine) prior to version 20.10.14 where containers were incorrectl…

2021-10-04
Medium

CVE-2021-41091

Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby (Docker Engine) where the data directory (typically `/var/lib/docker`) contained subdirec…

Low

CVE-2021-41089

Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby (Docker Engine) where attempting to copy files using `docker cp` into a specially-crafted…

2020-12-30
Medium

CVE-2020-27534

util/binfmt_misc/check.go in Builder in Docker Engine before 19.03.9 calls os.OpenFile with a potentially unsafe qemu-check temporary pathname, constructed with an empty first argument in an ioutil.T…

2020-06-02
Medium

CVE-2020-13401

An issue was discovered in Docker Engine before 19.03.11. An attacker in a container, with the CAP_NET_RAW capability, can craft IPv6 router advertisements, and consequently spoof external IPv6 hosts…

2019-12-17
High

CVE-2014-8179

Docker Engine before 1.8.3 and CS Docker Engine before 1.6.2-CS7 does not properly validate and extract the manifest object from its JSON representation during a pull, which allows attackers to injec…

Medium

CVE-2014-8178

Docker Engine before 1.8.3 and CS Docker Engine before 1.6.2-CS7 do not use a globally unique identifier to store image layers, which makes it easier for attackers to poison the image cache via a cra…

2019-07-18
High

CVE-2019-13509

In Docker CE and EE before 18.09.8 (as well as Docker EE before 17.06.2-ee-23 and 18.x before 18.03.1-ee-10), Docker Engine in debug mode may sometimes add secrets to the debug log. This applies to a…

2019-01-12
Medium

CVE-2018-20699

Docker Engine before 18.09 allows attackers to cause a denial of service (dockerd memory consumption) via a large integer in a --cpuset-mems or --cpuset-cpus value, related to daemon/daemon_unix.go,…

2018-09-10
High

CVE-2018-12608

An issue was discovered in Docker Moby before 17.06.0. The Docker engine validated a client TLS certificate using both the configured client CA root certificate and all system roots on non-Windows sy…

2016-12-26
Critical

CVE-2016-9223

A vulnerability in the Docker Engine configuration of Cisco CloudCenter Orchestrator (CCO; formerly CliQr) could allow an unauthenticated, remote attacker to install Docker containers with high privi…

2016-10-28
High

CVE-2016-8867

Docker Engine 1.12.2 enabled ambient capabilities with misconfigured capability policies. This allowed malicious images to bypass user permissions to access files within the container filesystem or m…

2015-05-18
Low

CVE-2015-3631

Docker Engine before 1.6.1 allows local users to set arbitrary Linux Security Modules (LSM) and docker_t policies via an image that allows volumes to override files in /proc.

High

CVE-2015-3630

Docker Engine before 1.6.1 uses weak permissions for (1) /proc/asound, (2) /proc/timer_stats, (3) /proc/latency_stats, and (4) /proc/fs, which allows local users to modify the host, obtain sensitive…

High

CVE-2015-3629

Libcontainer 1.6.0, as used in Docker Engine, allows local users to escape containerization ("mount namespace breakout") and write to arbitrary file on the host system via a symlink attack in an imag…

High

CVE-2015-3627

Libcontainer and Docker Engine before 1.6.1 opens the file-descriptor passed to the pid-1 process before performing the chroot, which allows local users to gain privileges via a symlink attack in an…
