High severity8.8NVD Advisory· Published Mar 31, 2026· Updated Jun 16, 2026
CVE-2026-34040
CVE-2026-34040
Description
Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that allows attackers to bypass authorization plugins (AuthZ). This issue has been patched in version 29.3.1.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
github.com/moby/mobyGo | < 29.3.1 | 29.3.1 |
github.com/docker/dockerGo | < 29.3.1 | 29.3.1 |
github.com/moby/moby/v2Go | < 2.0.0-beta.8 | 2.0.0-beta.8 |
Affected products
202- Range: <29.3.1
- osv-coords200 versionspkg:apk/chainguard/apkopkg:apk/chainguard/auditbeat-8.19pkg:apk/chainguard/auditbeat-9.3pkg:apk/chainguard/auditbeat-9.4pkg:apk/chainguard/auditbeat-fips-8.19pkg:apk/chainguard/auditbeat-fips-9.3pkg:apk/chainguard/aws-otel-collectorpkg:apk/chainguard/aws-otel-collector-fipspkg:apk/chainguard/bufpkg:apk/chainguard/buildahpkg:apk/chainguard/buildah-fipspkg:apk/chainguard/cgpkg:apk/chainguard/chainloop-control-planepkg:apk/chainguard/chainloop-control-plane-fipspkg:apk/chainguard/cluster-api-1.11-capd-managerpkg:apk/chainguard/cluster-api-1.12-capd-managerpkg:apk/chainguard/cluster-api-fips-1.11-capd-managerpkg:apk/chainguard/cluster-api-fips-1.12-capd-managerpkg:apk/chainguard/consul-k8s-fips-1.4-clipkg:apk/chainguard/datadog-agent-7.77-fullpkg:apk/chainguard/dockerd-29pkg:apk/chainguard/dockerd-fips-29pkg:apk/chainguard/elastic-agent-8.19pkg:apk/chainguard/elastic-agent-9.2pkg:apk/chainguard/elastic-agent-9.3pkg:apk/chainguard/elastic-agent-fips-8.19pkg:apk/chainguard/elastic-agent-fips-9.2pkg:apk/chainguard/elastic-agent-fips-9.3pkg:apk/chainguard/elastic-otel-collector-9.3pkg:apk/chainguard/elastic-otel-collector-fips-9.3pkg:apk/chainguard/envoy-gatewaypkg:apk/chainguard/envoy-gateway-fipspkg:apk/chainguard/filebeat-8.19pkg:apk/chainguard/filebeat-9.3pkg:apk/chainguard/filebeat-9.4pkg:apk/chainguard/filebeat-fips-8.19pkg:apk/chainguard/filebeat-fips-9.3pkg:apk/chainguard/gatekeeper-3.22-gatorpkg:apk/chainguard/google-cloud-otel-ops-collectorpkg:apk/chainguard/goreleaserpkg:apk/chainguard/grafana-12.3pkg:apk/chainguard/grafana-12.4pkg:apk/chainguard/grafana-13.0pkg:apk/chainguard/grafana-beylapkg:apk/chainguard/grafana-fips-12.3pkg:apk/chainguard/grafana-fips-12.4pkg:apk/chainguard/grafana-fips-13.0pkg:apk/chainguard/heartbeat-8.19pkg:apk/chainguard/heartbeat-9.3pkg:apk/chainguard/heartbeat-9.4pkg:apk/chainguard/heartbeat-fips-8.19pkg:apk/chainguard/heartbeat-fips-9.3pkg:apk/chainguard/jfrog-clipkg:apk/chainguard/kopkg:apk/chainguard/ko-fipspkg:apk/chainguard/metricbeat-8.19pkg:apk/chainguard/metricbeat-9.3pkg:apk/chainguard/metricbeat-9.4pkg:apk/chainguard/metricbeat-fips-8.19pkg:apk/chainguard/metricbeat-fips-9.3pkg:apk/chainguard/nerdctlpkg:apk/chainguard/nerdctl-fipspkg:apk/chainguard/neuvector-controllerpkg:apk/chainguard/neuvector-controller-fipspkg:apk/chainguard/neuvector-enforcerpkg:apk/chainguard/neuvector-enforcer-fipspkg:apk/chainguard/neuvector-scannerpkg:apk/chainguard/neuvector-scanner-fipspkg:apk/chainguard/neuvector-scanner-fips-task-fipspkg:apk/chainguard/neuvector-scanner-taskpkg:apk/chainguard/neuvector-scanner-task-fipspkg:apk/chainguard/neuvector-upgraderpkg:apk/chainguard/neuvector-upgrader-fipspkg:apk/chainguard/newrelic-infrastructure-agentpkg:apk/chainguard/newrelic-infrastructure-agent-fipspkg:apk/chainguard/nrdot-collector-k8s-fipspkg:apk/chainguard/nucleipkg:apk/chainguard/openfgapkg:apk/chainguard/openfga-fipspkg:apk/chainguard/opentelemetry-collectorpkg:apk/chainguard/opentelemetry-collector-contribpkg:apk/chainguard/opentelemetry-collector-contrib-fipspkg:apk/chainguard/opentelemetry-collector-fipspkg:apk/chainguard/opentelemetry-operatorpkg:apk/chainguard/opentelemetry-operator-fipspkg:apk/chainguard/podmanpkg:apk/chainguard/podman-fipspkg:apk/chainguard/portierispkg:apk/chainguard/portieris-fipspkg:apk/chainguard/prometheus-2.51pkg:apk/chainguard/prometheus-3.10pkg:apk/chainguard/prometheus-3.11pkg:apk/chainguard/prometheus-3.5pkg:apk/chainguard/prometheus-3.8pkg:apk/chainguard/prometheus-3.9pkg:apk/chainguard/prometheus-fips-3.10pkg:apk/chainguard/prometheus-fips-3.11pkg:apk/chainguard/prometheus-fips-3.5pkg:apk/chainguard/prometheus-fips-3.8pkg:apk/chainguard/prometheus-fips-3.9pkg:apk/chainguard/pulumipkg:apk/chainguard/rancher-2.12pkg:apk/chainguard/rancher-2.13pkg:apk/chainguard/rancher-2.14pkg:apk/chainguard/rancher-agent-2.12pkg:apk/chainguard/rancher-agent-2.13pkg:apk/chainguard/rancher-agent-2.14pkg:apk/chainguard/rancher-machinepkg:apk/chainguard/skopeopkg:apk/chainguard/skopeo-fipspkg:apk/chainguard/splunk-otel-collectorpkg:apk/chainguard/splunk-otel-collector-fipspkg:apk/chainguard/teleport-17pkg:apk/chainguard/teleport-18pkg:apk/chainguard/teleport-18-kube-agent-updaterpkg:apk/chainguard/teleport-18-kube-agent-updater-compatpkg:apk/chainguard/teleport-18-operatorpkg:apk/chainguard/teleport-18-operator-compatpkg:apk/chainguard/traefik-2.11pkg:apk/chainguard/traefik-3.6pkg:apk/chainguard/traefik-fips-2.11pkg:apk/chainguard/traefik-fips-3.6pkg:apk/chainguard/trivypkg:apk/chainguard/trivy-fipspkg:apk/chainguard/undockpkg:apk/chainguard/upwind-agentpkg:apk/chainguard/wolfictlpkg:apk/chainguard/zarfpkg:apk/chainguard/zarf-fipspkg:apk/chainguard/zotpkg:apk/wolfi/apkopkg:apk/wolfi/aws-otel-collectorpkg:apk/wolfi/bufpkg:apk/wolfi/buildahpkg:apk/wolfi/cluster-api-1.11-capd-managerpkg:apk/wolfi/cluster-api-1.12-capd-managerpkg:apk/wolfi/datadog-agent-7.77-fullpkg:apk/wolfi/dockerd-29pkg:apk/wolfi/envoy-gatewaypkg:apk/wolfi/gatekeeper-3.22-gatorpkg:apk/wolfi/goreleaserpkg:apk/wolfi/grafana-12.3pkg:apk/wolfi/grafana-12.4pkg:apk/wolfi/grafana-13.0pkg:apk/wolfi/kopkg:apk/wolfi/nerdctlpkg:apk/wolfi/neuvector-controllerpkg:apk/wolfi/neuvector-enforcerpkg:apk/wolfi/neuvector-scannerpkg:apk/wolfi/neuvector-scanner-taskpkg:apk/wolfi/newrelic-infrastructure-agentpkg:apk/wolfi/nucleipkg:apk/wolfi/openfgapkg:apk/wolfi/opentelemetry-collectorpkg:apk/wolfi/opentelemetry-collector-contribpkg:apk/wolfi/opentelemetry-operatorpkg:apk/wolfi/podmanpkg:apk/wolfi/portierispkg:apk/wolfi/prometheus-3.10pkg:apk/wolfi/prometheus-3.11pkg:apk/wolfi/prometheus-3.5pkg:apk/wolfi/prometheus-3.8pkg:apk/wolfi/prometheus-3.9pkg:apk/wolfi/pulumipkg:apk/wolfi/rancher-2.12pkg:apk/wolfi/rancher-2.13pkg:apk/wolfi/rancher-2.14pkg:apk/wolfi/rancher-agent-2.12pkg:apk/wolfi/rancher-agent-2.13pkg:apk/wolfi/rancher-agent-2.14pkg:apk/wolfi/rancher-machinepkg:apk/wolfi/skopeopkg:apk/wolfi/splunk-otel-collectorpkg:apk/wolfi/teleport-17pkg:apk/wolfi/teleport-18pkg:apk/wolfi/teleport-18-kube-agent-updaterpkg:apk/wolfi/teleport-18-kube-agent-updater-compatpkg:apk/wolfi/teleport-18-operatorpkg:apk/wolfi/teleport-18-operator-compatpkg:apk/wolfi/traefik-3.6pkg:apk/wolfi/trivypkg:apk/wolfi/undockpkg:apk/wolfi/wolfictlpkg:apk/wolfi/zarfpkg:apk/wolfi/zotpkg:rpm/opensuse/docker-stable&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/govulncheck-vulndb&distro=openSUSE%20Leap%2015.6pkg:rpm/suse/docker-stable&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOSpkg:rpm/suse/docker-stable&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSSpkg:rpm/suse/docker-stable&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOSpkg:rpm/suse/docker-stable&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSSpkg:rpm/suse/docker-stable&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Containers%2015%20SP7pkg:rpm/suse/docker-stable&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5-LTSSpkg:rpm/suse/docker-stable&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/docker-stable&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSSpkg:rpm/suse/docker-stable&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP6-LTSSpkg:rpm/suse/docker-stable&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4pkg:rpm/suse/docker-stable&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5pkg:rpm/suse/docker-stable&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP6pkg:rpm/suse/docker-stable&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5
< 1.2.0-r0+ 199 more
- (no CPE)range: < 1.2.0-r0
- (no CPE)range: < 8.19.17-r0
- (no CPE)range: < 9.3.6-r0
- (no CPE)range: < 9.4.3-r0
- (no CPE)range: < 8.19.17-r0
- (no CPE)range: < 9.3.6-r0
- (no CPE)range: < 0.48.0-r0
- (no CPE)range: < 0.48.0-r0
- (no CPE)range: < 1.68.3-r0
- (no CPE)range: < 1.44.0-r0
- (no CPE)range: < 1.44.0-r0
- (no CPE)range: < 0.2.235-r0
- (no CPE)range: < 1.100.8-r0
- (no CPE)range: < 1.100.8-r0
- (no CPE)range: < 1.11.8-r0
- (no CPE)range: < 1.12.5-r0
- (no CPE)range: < 1.11.8-r0
- (no CPE)range: < 1.12.5-r0
- (no CPE)range: < 1.4.10-r25
- (no CPE)range: < 7.77.3-r10
- (no CPE)range: < 29.4.1-r0
- (no CPE)range: < 29.5.2-r0
- (no CPE)range: < 8.19.14-r2
- (no CPE)range: < 9.2.8-r1
- (no CPE)range: < 9.3.3-r1
- (no CPE)range: < 8.19.14-r2
- (no CPE)range: < 9.2.8-r1
- (no CPE)range: < 9.3.3-r1
- (no CPE)range: < 9.3.3-r1
- (no CPE)range: < 9.3.3-r1
- (no CPE)range: < 1.8.0-r0
- (no CPE)range: < 1.8.0-r0
- (no CPE)range: < 8.19.17-r0
- (no CPE)range: < 9.3.6-r0
- (no CPE)range: < 9.4.3-r0
- (no CPE)range: < 8.19.17-r0
- (no CPE)range: < 9.3.6-r0
- (no CPE)range: < 3.22.1-r1
- (no CPE)range: < 0.151.0-r0
- (no CPE)range: < 2.15.0-r0
- (no CPE)range: < 12.3.7-r0
- (no CPE)range: < 12.4.4-r0
- (no CPE)range: < 13.0.2-r0
- (no CPE)range: < 3.9.6-r0
- (no CPE)range: < 12.3.7-r0
- (no CPE)range: < 12.4.4-r0
- (no CPE)range: < 13.0.2-r0
- (no CPE)range: < 8.19.17-r0
- (no CPE)range: < 9.3.6-r0
- (no CPE)range: < 9.4.3-r0
- (no CPE)range: < 8.19.17-r0
- (no CPE)range: < 9.3.6-r0
- (no CPE)range: < 2.98.0-r0
- (no CPE)range: < 0.19.0-r0
- (no CPE)range: < 0.19.0-r0
- (no CPE)range: < 8.19.17-r0
- (no CPE)range: < 9.3.6-r0
- (no CPE)range: < 9.4.3-r0
- (no CPE)range: < 8.19.17-r0
- (no CPE)range: < 9.3.6-r0
- (no CPE)range: < 2.3.1-r0
- (no CPE)range: < 2.3.1-r0
- (no CPE)range: < 5.5.1-r0
- (no CPE)range: < 5.5.1-r0
- (no CPE)range: < 5.5.1-r0
- (no CPE)range: < 5.5.1-r0
- (no CPE)range: < 4.126-r0
- (no CPE)range: < 4.126-r0
- (no CPE)range: < 4.126-r0
- (no CPE)range: < 4.126-r0
- (no CPE)range: < 4.135-r0
- (no CPE)range: < 5.5.1-r0
- (no CPE)range: < 5.5.1-r0
- (no CPE)range: < 1.73.1-r0
- (no CPE)range: < 1.73.1-r0
- (no CPE)range: < 1.12.0-r4
- (no CPE)range: < 3.9.0-r0
- (no CPE)range: < 1.14.2-r0
- (no CPE)range: < 1.14.2-r0
- (no CPE)range: < 0.150.0-r0
- (no CPE)range: < 0.151.0-r0
- (no CPE)range: < 0.151.0-r0
- (no CPE)range: < 0.150.0-r0
- (no CPE)range: < 0.149.0-r0
- (no CPE)range: < 0.149.0-r0
- (no CPE)range: < 6.0.0-r0
- (no CPE)range: < 6.0.0-r0
- (no CPE)range: < 0.14.1-r0
- (no CPE)range: < 0.14.1-r0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 3.241.0-r0
- (no CPE)range: < 2.12.11-r0
- (no CPE)range: < 2.13.7-r0
- (no CPE)range: < 2.14.3-r0
- (no CPE)range: < 2.12.11-r0
- (no CPE)range: < 2.13.7-r0
- (no CPE)range: < 2.14.3-r0
- (no CPE)range: < 0.15.0.144-r0
- (no CPE)range: < 1.23.0-r0
- (no CPE)range: < 1.23.0-r0
- (no CPE)range: < 0.151.0-r0
- (no CPE)range: < 0.151.0-r0
- (no CPE)range: < 17.7.23-r0
- (no CPE)range: < 18.7.6-r0
- (no CPE)range: < 18.7.2-r12
- (no CPE)range: < 18.7.2-r12
- (no CPE)range: < 18.7.2-r12
- (no CPE)range: < 18.7.2-r12
- (no CPE)range: < 2.11.45-r0
- (no CPE)range: < 3.6.16-r1
- (no CPE)range: < 2.11.45-r0
- (no CPE)range: < 3.6.16-r0
- (no CPE)range: < 0.70.0-r0
- (no CPE)range: < 0.70.0-r0
- (no CPE)range: < 0.14.0-r0
- (no CPE)range: < 0.130.0-r0
- (no CPE)range: < 0.39.6-r2
- (no CPE)range: < 0.74.1-r0
- (no CPE)range: < 0.74.1-r0
- (no CPE)range: < 2.1.17-r0
- (no CPE)range: < 1.2.0-r0
- (no CPE)range: < 0.48.0-r0
- (no CPE)range: < 1.68.3-r0
- (no CPE)range: < 1.44.0-r0
- (no CPE)range: < 1.11.8-r0
- (no CPE)range: < 1.12.5-r0
- (no CPE)range: < 7.77.3-r10
- (no CPE)range: < 29.4.1-r0
- (no CPE)range: < 1.8.0-r0
- (no CPE)range: < 3.22.1-r1
- (no CPE)range: < 2.15.0-r0
- (no CPE)range: < 12.3.7-r0
- (no CPE)range: < 12.4.4-r0
- (no CPE)range: < 13.0.2-r0
- (no CPE)range: < 0.19.0-r0
- (no CPE)range: < 2.3.1-r0
- (no CPE)range: < 5.5.1-r0
- (no CPE)range: < 5.5.1-r0
- (no CPE)range: < 4.126-r0
- (no CPE)range: < 4.126-r0
- (no CPE)range: < 1.73.1-r0
- (no CPE)range: < 3.9.0-r0
- (no CPE)range: < 1.14.2-r0
- (no CPE)range: < 0.150.0-r0
- (no CPE)range: < 0.151.0-r0
- (no CPE)range: < 0.149.0-r0
- (no CPE)range: < 6.0.0-r0
- (no CPE)range: < 0.14.1-r0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 3.241.0-r0
- (no CPE)range: < 2.12.11-r0
- (no CPE)range: < 2.13.7-r0
- (no CPE)range: < 2.14.3-r0
- (no CPE)range: < 2.12.11-r0
- (no CPE)range: < 2.13.7-r0
- (no CPE)range: < 2.14.3-r0
- (no CPE)range: < 0.15.0.144-r0
- (no CPE)range: < 1.23.0-r0
- (no CPE)range: < 0.151.0-r0
- (no CPE)range: < 17.7.23-r0
- (no CPE)range: < 18.7.6-r0
- (no CPE)range: < 18.7.2-r12
- (no CPE)range: < 18.7.2-r12
- (no CPE)range: < 18.7.2-r12
- (no CPE)range: < 18.7.2-r12
- (no CPE)range: < 3.6.16-r1
- (no CPE)range: < 0.70.0-r0
- (no CPE)range: < 0.14.0-r0
- (no CPE)range: < 0.39.6-r2
- (no CPE)range: < 0.74.1-r0
- (no CPE)range: < 2.1.17-r0
- (no CPE)range: < 24.0.9_ce-18.1
- (no CPE)range: < 0.0.20260402T184258-150000.1.158.1
- (no CPE)range: < 24.0.9_ce-150000.1.45.1
- (no CPE)range: < 24.0.9_ce-150000.1.45.1
- (no CPE)range: < 24.0.9_ce-150000.1.45.1
- (no CPE)range: < 24.0.9_ce-150000.1.45.1
- (no CPE)range: < 24.0.9_ce-150000.1.45.1
- (no CPE)range: < 24.0.9_ce-1.37.1
- (no CPE)range: < 24.0.9_ce-150000.1.45.1
- (no CPE)range: < 24.0.9_ce-150000.1.45.1
- (no CPE)range: < 24.0.9_ce-150000.1.45.1
- (no CPE)range: < 24.0.9_ce-150000.1.45.1
- (no CPE)range: < 24.0.9_ce-150000.1.45.1
- (no CPE)range: < 24.0.9_ce-150000.1.45.1
- (no CPE)range: < 24.0.9_ce-1.37.1
Patches
Vulnerability mechanics
References
7- github.com/advisories/GHSA-x744-4wpc-v9h2ghsaADVISORY
- github.com/moby/moby/security/advisories/GHSA-x744-4wpc-v9h2nvdVendor AdvisoryWEB
- nvd.nist.gov/vuln/detail/CVE-2026-34040ghsaADVISORY
- docs.docker.com/engine/extend/plugins_authorizationghsaWEB
- github.com/moby/moby/commit/e89edb19ad7de0407a5d31e3111cb01aa10b5a38ghsaWEB
- github.com/moby/moby/releases/tag/docker-v29.3.1nvdRelease NotesWEB
- github.com/moby/moby/security/advisories/GHSA-v23v-6jw2-98fqghsaWEB
News mentions
0No linked articles in our index yet.