High severity7.2GHSA Advisory· Published Jun 12, 2026· Updated Jun 16, 2026
CVE-2026-42306
CVE-2026-42306
Description
Moby is an open source container framework. In Docker Engine prior to version 29.5.1, Docker Daemon versions 28.5.2 and prior, and Moby Daemon prior to version 2.0.0-beta.14, a race condition during docker cp mount setup allows a malicious container to redirect a bind mount target to an arbitrary host path, potentially overwriting host files or causing denial of service. This issue has been patched in Docker Engine version 29.5.1 and Moby Daemon version 2.0.0-beta.14.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
github.com/docker/dockerGo | <= 28.5.2 | — |
github.com/moby/moby/v2Go | < 2.0.0-beta.14 | 2.0.0-beta.14 |
github.com/moby/mobyGo | <= 28.5.2 | — |
Affected products
131<= 28.5.2+ 15 more
- (no CPE)range: <= 28.5.2
- cpe:2.3:a:mobyproject:moby:*:*:*:*:*:*:*:*range: <=28.5.2
- cpe:2.3:a:mobyproject:moby\/v2:2.0.0:beta0:*:*:*:*:*:*
- cpe:2.3:a:mobyproject:moby\/v2:2.0.0:beta1:*:*:*:*:*:*
- cpe:2.3:a:mobyproject:moby\/v2:2.0.0:beta10:*:*:*:*:*:*
- cpe:2.3:a:mobyproject:moby\/v2:2.0.0:beta11:*:*:*:*:*:*
- cpe:2.3:a:mobyproject:moby\/v2:2.0.0:beta12:*:*:*:*:*:*
- cpe:2.3:a:mobyproject:moby\/v2:2.0.0:beta13:*:*:*:*:*:*
- cpe:2.3:a:mobyproject:moby\/v2:2.0.0:beta2:*:*:*:*:*:*
- cpe:2.3:a:mobyproject:moby\/v2:2.0.0:beta3:*:*:*:*:*:*
- cpe:2.3:a:mobyproject:moby\/v2:2.0.0:beta4:*:*:*:*:*:*
- cpe:2.3:a:mobyproject:moby\/v2:2.0.0:beta5:*:*:*:*:*:*
- cpe:2.3:a:mobyproject:moby\/v2:2.0.0:beta6:*:*:*:*:*:*
- cpe:2.3:a:mobyproject:moby\/v2:2.0.0:beta7:*:*:*:*:*:*
- cpe:2.3:a:mobyproject:moby\/v2:2.0.0:beta8:*:*:*:*:*:*
- cpe:2.3:a:mobyproject:moby\/v2:2.0.0:beta9:*:*:*:*:*:*
- osv-coords114 versionspkg:apk/chainguard/auditbeat-8.19pkg:apk/chainguard/auditbeat-9.3pkg:apk/chainguard/auditbeat-9.4pkg:apk/chainguard/auditbeat-fips-8.19pkg:apk/chainguard/auditbeat-fips-9.3pkg:apk/chainguard/auditbeat-fips-9.4pkg:apk/chainguard/aws-otel-collectorpkg:apk/chainguard/aws-otel-collector-fipspkg:apk/chainguard/buildahpkg:apk/chainguard/buildah-fipspkg:apk/chainguard/chainloop-control-planepkg:apk/chainguard/chainloop-control-plane-fipspkg:apk/chainguard/datadog-agent-7.77-fullpkg:apk/chainguard/dockerd-fips-29pkg:apk/chainguard/elastic-agent-8.19pkg:apk/chainguard/elastic-agent-9.3pkg:apk/chainguard/elastic-agent-9.4pkg:apk/chainguard/elastic-agent-fips-8.19pkg:apk/chainguard/elastic-agent-fips-9.3pkg:apk/chainguard/elastic-agent-fips-9.4pkg:apk/chainguard/elastic-otel-collector-9.3pkg:apk/chainguard/elastic-otel-collector-9.4pkg:apk/chainguard/elastic-otel-collector-fips-9.3pkg:apk/chainguard/elastic-otel-collector-fips-9.4pkg:apk/chainguard/envoy-gateway-egctlpkg:apk/chainguard/envoy-gateway-fips-egctlpkg:apk/chainguard/filebeat-8.19pkg:apk/chainguard/filebeat-9.3pkg:apk/chainguard/filebeat-9.4pkg:apk/chainguard/filebeat-fips-8.19pkg:apk/chainguard/filebeat-fips-9.3pkg:apk/chainguard/filebeat-fips-9.4pkg:apk/chainguard/google-cloud-otel-ops-collectorpkg:apk/chainguard/grafana-12.3pkg:apk/chainguard/grafana-12.4pkg:apk/chainguard/grafana-13.0pkg:apk/chainguard/grafana-fips-12.3pkg:apk/chainguard/grafana-fips-12.4pkg:apk/chainguard/grafana-fips-13.0pkg:apk/chainguard/heartbeat-8.19pkg:apk/chainguard/heartbeat-9.3pkg:apk/chainguard/heartbeat-9.4pkg:apk/chainguard/heartbeat-fips-8.19pkg:apk/chainguard/heartbeat-fips-9.3pkg:apk/chainguard/heartbeat-fips-9.4pkg:apk/chainguard/kopkg:apk/chainguard/ko-fipspkg:apk/chainguard/metricbeat-8.19pkg:apk/chainguard/metricbeat-9.3pkg:apk/chainguard/metricbeat-9.4pkg:apk/chainguard/metricbeat-fips-8.19pkg:apk/chainguard/metricbeat-fips-9.3pkg:apk/chainguard/metricbeat-fips-9.4pkg:apk/chainguard/nerdctlpkg:apk/chainguard/nerdctl-fipspkg:apk/chainguard/nrdot-collector-k8s-fipspkg:apk/chainguard/nucleipkg:apk/chainguard/podmanpkg:apk/chainguard/podman-fipspkg:apk/chainguard/portierispkg:apk/chainguard/portieris-fipspkg:apk/chainguard/prometheus-2.51pkg:apk/chainguard/prometheus-3.10pkg:apk/chainguard/prometheus-3.11pkg:apk/chainguard/prometheus-3.5pkg:apk/chainguard/prometheus-3.8pkg:apk/chainguard/prometheus-fips-3.10pkg:apk/chainguard/prometheus-fips-3.11pkg:apk/chainguard/prometheus-fips-3.5pkg:apk/chainguard/prometheus-fips-3.8pkg:apk/chainguard/prometheus-fips-3.9pkg:apk/chainguard/py3-dockerpkg:apk/chainguard/rancher-2.12pkg:apk/chainguard/rancher-2.13pkg:apk/chainguard/rancher-2.14pkg:apk/chainguard/rancher-agent-2.12pkg:apk/chainguard/rancher-agent-2.13pkg:apk/chainguard/rancher-agent-2.14pkg:apk/chainguard/rancher-machinepkg:apk/chainguard/skopeopkg:apk/chainguard/skopeo-fipspkg:apk/chainguard/trivypkg:apk/chainguard/trivy-fipspkg:apk/chainguard/undockpkg:apk/chainguard/upwind-agentpkg:apk/chainguard/zotpkg:apk/wolfi/aws-otel-collectorpkg:apk/wolfi/buildahpkg:apk/wolfi/datadog-agent-7.77-fullpkg:apk/wolfi/envoy-gateway-egctlpkg:apk/wolfi/grafana-12.3pkg:apk/wolfi/grafana-12.4pkg:apk/wolfi/grafana-13.0pkg:apk/wolfi/kopkg:apk/wolfi/nerdctlpkg:apk/wolfi/nucleipkg:apk/wolfi/podmanpkg:apk/wolfi/portierispkg:apk/wolfi/prometheus-3.10pkg:apk/wolfi/prometheus-3.11pkg:apk/wolfi/prometheus-3.5pkg:apk/wolfi/prometheus-3.8pkg:apk/wolfi/py3-dockerpkg:apk/wolfi/rancher-2.12pkg:apk/wolfi/rancher-2.13pkg:apk/wolfi/rancher-2.14pkg:apk/wolfi/rancher-agent-2.12pkg:apk/wolfi/rancher-agent-2.13pkg:apk/wolfi/rancher-agent-2.14pkg:apk/wolfi/rancher-machinepkg:apk/wolfi/skopeopkg:apk/wolfi/trivypkg:apk/wolfi/undockpkg:apk/wolfi/zot
< 8.19.17-r0+ 113 more
- (no CPE)range: < 8.19.17-r0
- (no CPE)range: < 9.3.6-r0
- (no CPE)range: < 9.4.3-r0
- (no CPE)range: < 8.19.17-r0
- (no CPE)range: < 9.3.6-r0
- (no CPE)range: < 9.4.3-r0
- (no CPE)range: < 0.48.0-r0
- (no CPE)range: < 0.48.0-r0
- (no CPE)range: < 1.44.0-r0
- (no CPE)range: < 1.44.0-r0
- (no CPE)range: < 1.100.8-r0
- (no CPE)range: < 1.100.8-r0
- (no CPE)range: < 7.77.3-r10
- (no CPE)range: < 29.5.2-r0
- (no CPE)range: < 8.19.17-r0
- (no CPE)range: < 9.3.6-r0
- (no CPE)range: < 9.4.3-r0
- (no CPE)range: < 8.19.17-r0
- (no CPE)range: < 9.3.6-r0
- (no CPE)range: < 9.4.3-r0
- (no CPE)range: < 9.3.6-r0
- (no CPE)range: < 9.4.3-r0
- (no CPE)range: < 9.3.6-r0
- (no CPE)range: < 9.4.3-r0
- (no CPE)range: < 1.8.2-r0
- (no CPE)range: < 1.8.2-r0
- (no CPE)range: < 8.19.17-r0
- (no CPE)range: < 9.3.6-r0
- (no CPE)range: < 9.4.3-r0
- (no CPE)range: < 8.19.17-r0
- (no CPE)range: < 9.3.6-r0
- (no CPE)range: < 9.4.3-r0
- (no CPE)range: < 0.151.0-r0
- (no CPE)range: < 12.3.7-r0
- (no CPE)range: < 12.4.4-r0
- (no CPE)range: < 13.0.2-r0
- (no CPE)range: < 12.3.7-r0
- (no CPE)range: < 12.4.4-r0
- (no CPE)range: < 13.0.2-r0
- (no CPE)range: < 8.19.17-r0
- (no CPE)range: < 9.3.6-r0
- (no CPE)range: < 9.4.3-r0
- (no CPE)range: < 8.19.17-r0
- (no CPE)range: < 9.3.6-r0
- (no CPE)range: < 9.4.3-r0
- (no CPE)range: < 0.19.0-r0
- (no CPE)range: < 0.19.0-r0
- (no CPE)range: < 8.19.17-r0
- (no CPE)range: < 9.3.6-r0
- (no CPE)range: < 9.4.3-r0
- (no CPE)range: < 8.19.17-r0
- (no CPE)range: < 9.3.6-r0
- (no CPE)range: < 9.4.3-r0
- (no CPE)range: < 2.3.1-r0
- (no CPE)range: < 2.3.1-r0
- (no CPE)range: < 1.12.0-r4
- (no CPE)range: < 3.9.0-r0
- (no CPE)range: < 6.0.0-r0
- (no CPE)range: < 6.0.0-r0
- (no CPE)range: < 0.14.1-r0
- (no CPE)range: < 0.14.1-r0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 2.12.11-r0
- (no CPE)range: < 2.13.7-r0
- (no CPE)range: < 2.14.3-r0
- (no CPE)range: < 2.12.11-r0
- (no CPE)range: < 2.13.7-r0
- (no CPE)range: < 2.14.3-r0
- (no CPE)range: < 0.15.0.144-r0
- (no CPE)range: < 1.23.0-r0
- (no CPE)range: < 1.23.0-r0
- (no CPE)range: < 0.70.0-r0
- (no CPE)range: < 0.70.0-r0
- (no CPE)range: < 0.14.0-r0
- (no CPE)range: < 0.130.0-r0
- (no CPE)range: < 2.1.17-r0
- (no CPE)range: < 0.48.0-r0
- (no CPE)range: < 1.44.0-r0
- (no CPE)range: < 7.77.3-r10
- (no CPE)range: < 1.8.2-r0
- (no CPE)range: < 12.3.7-r0
- (no CPE)range: < 12.4.4-r0
- (no CPE)range: < 13.0.2-r0
- (no CPE)range: < 0.19.0-r0
- (no CPE)range: < 2.3.1-r0
- (no CPE)range: < 3.9.0-r0
- (no CPE)range: < 6.0.0-r0
- (no CPE)range: < 0.14.1-r0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 2.12.11-r0
- (no CPE)range: < 2.13.7-r0
- (no CPE)range: < 2.14.3-r0
- (no CPE)range: < 2.12.11-r0
- (no CPE)range: < 2.13.7-r0
- (no CPE)range: < 2.14.3-r0
- (no CPE)range: < 0.15.0.144-r0
- (no CPE)range: < 1.23.0-r0
- (no CPE)range: < 0.70.0-r0
- (no CPE)range: < 0.14.0-r0
- (no CPE)range: < 2.1.17-r0
Patches
Vulnerability mechanics
References
3- github.com/advisories/GHSA-rg2x-37c3-w2rhghsaADVISORY
- github.com/moby/moby/security/advisories/GHSA-rg2x-37c3-w2rhnvdMitigationVendor AdvisoryWEB
- nvd.nist.gov/vuln/detail/CVE-2026-42306ghsaADVISORY
News mentions
0No linked articles in our index yet.