Desktop by Docker
CVEs (33)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-9074 | Docker / Desktop | Critical | 0.64 | — | 0.02 |  | Aug 20, 2025 | A vulnerability was identified in Docker Desktop that allows local running Linux containers to access the Docker Engine API via the configured Docker subnet, at 192.168.65.7:2375 by default. This vulnerability occurs with or without Enhanced Container Isolation (ECI) enabled,… |
| CVE-2024-8696 | Docker / Desktop | Critical | 0.64 | 9.8 | 0.01 |  | Sep 12, 2024 | A remote code execution (RCE) vulnerability via crafted extension publisher-url/additional-urls could be abused by a malicious extension in Docker Desktop before 4.34.2. |
| CVE-2024-8695 | Docker / Desktop | Critical | 0.64 | 9.8 | 0.01 |  | Sep 12, 2024 | A remote code execution (RCE) vulnerability via crafted extension description/changelog could be abused by a malicious extension in Docker Desktop before 4.34.2. |
| CVE-2026-6406 | Docker / Desktop | High | 0.57 | 8.8 | 0.00 |  | May 22, 2026 | The Docker CLI --use-api-socket flag bypasses Enhanced Container Isolation (ECI) restrictions in Docker Desktop. When ECI is enabled, Docker socket mounts from containers are denied unless explicitly allowed via the admin-settings configuration. However, the --use-api-socket… |
| CVE-2025-9164 | Docker / Desktop | High | 0.57 | — | 0.00 |  | Oct 27, 2025 | Docker Desktop Installer.exe is vulnerable to DLL hijacking due to insecure DLL search order. The installer searches for required DLLs in the user's Downloads folder before checking system directories, allowing local privilege escalation through malicious DLL placement. This… |
| CVE-2025-10657 | Docker / Desktop | High | 0.57 | — | 0.00 |  | Sep 26, 2025 | In a hardened Docker environment, with Enhanced Container Isolation (ECI, https://docs.docker.com/enterprise/security/hardened-desktop/enhanced-container-isolation/) enabled, an administrator can utilize the command restrictions feature (https://docs.docker.com/enterprise/securi…) |
| CVE-2021-44719 | Docker / Desktop | High | 0.55 | 8.4 | 0.00 |  | May 25, 2022 | Docker Desktop 4.3.0 has Incorrect Access Control. |
| CVE-2026-8936 | Docker / Desktop | High | 0.53 | — | 0.00 |  | Jun 2, 2026 | Fixed a VM panic caused by unbounded recursion in the grpcfuse kernel module when a container created deeply nested directories on a bind-mounted host folder and triggered a dentry invalidation event. This issue has been fixed in Docker Desktop 4.76.0. |
| CVE-2026-5843 | Docker / Desktop | High | 0.53 | 8.2 | 0.00 |  | May 22, 2026 | The MLX inference backend in Docker Model Runner on macOS uses the MLX-LM library, which unconditionally imports and executes arbitrary Python files from model directories via the model_file configuration field in config.json. When a model's config.json specifies a model_file… |
| CVE-2023-5166 | Docker / Desktop | High | 0.52 | 8.0 | 0.01 |  | Sep 25, 2023 | Docker Desktop before 4.23.0 allows Access Token theft via a crafted extension icon URL. This issue affects Docker Desktop: before 4.23.0. |
| CVE-2023-0626 | Docker / Desktop | High | 0.52 | 8.0 | 0.01 |  | Sep 25, 2023 | Docker Desktop before 4.12.0 is vulnerable to RCE via query parameters in the message-box route. This issue affects Docker Desktop: before 4.12.0. |
| CVE-2023-0625 | Docker / Desktop | High | 0.52 | 8.0 | 0.01 |  | Sep 25, 2023 | Docker Desktop before 4.12.0 is vulnerable to RCE via a crafted extension description or changelog. This issue affects Docker Desktop: before 4.12.0. |
| CVE-2025-3224 | Docker / Desktop | High | 0.51 | 7.8 | 0.00 |  | Apr 28, 2025 | A vulnerability in the update process of Docker Desktop for Windows versions prior to 4.41.0 could allow a local, low-privileged attacker to escalate privileges to SYSTEM. During an update, Docker Desktop attempts to delete files and subdirectories under the path… |
| CVE-2022-37326 | Docker / Desktop | High | 0.51 | 7.8 | 0.00 |  | Apr 27, 2023 | Docker Desktop for Windows before 4.6.0 allows attackers to delete (or create) any file through the dockerBackendV2 windowscontainers/start API by controlling the pidfile field inside the DaemonJSON field in the WindowsContainerStartRequest class. This can indirectly lead to… |
| CVE-2022-25365 | Docker / Desktop | High | 0.51 | 7.8 | 0.01 |  | Feb 19, 2022 | Docker Desktop before 4.5.1 on Windows allows attackers to move arbitrary files. NOTE: this issue exists because of an incomplete fix for CVE-2022-23774. |
| CVE-2023-0633 | Docker / Desktop | High | 0.47 | 7.2 | 0.00 |  | Sep 25, 2023 | In Docker Desktop on Windows before 4.12.0, an argument injection into the installer may result in local privilege escalation (LPE). This issue affects Docker Desktop: before 4.12.0. |
| CVE-2024-6222 | Docker / Desktop | High | 0.46 | 7.0 | 0.01 |  | Jul 9, 2024 | In Docker Desktop before v4.29.0, an attacker who has gained access to the Docker Desktop VM through a container breakout can further escape to the host by passing extensions and dashboard related IPC messages. Docker Desktop v4.29.0 (https://docs.docker.com/desktop/release-note…) |
| CVE-2023-5165 | Docker / Desktop | High | 0.46 | 7.1 | 0.00 |  | Sep 25, 2023 | Docker Desktop before 4.23.0 allows an unprivileged user to bypass Enhanced Container Isolation (ECI) restrictions via the debug shell, which remains accessible for a short time window after launching Docker Desktop. The affected functionality is available for Docker Business… |
| CVE-2022-34292 | Docker / Desktop | High | 0.46 | 7.1 | 0.00 |  | Apr 27, 2023 | Docker Desktop for Windows before 4.6.0 allows attackers to overwrite any file through a symlink attack on the hyperv/create dockerBackendV2 API by controlling the DataFolder parameter for DockerDesktop.vhdx, a similar issue to CVE-2022-31647. |
| CVE-2022-31647 | Docker / Desktop | High | 0.46 | 7.1 | 0.00 |  | Apr 27, 2023 | Docker Desktop before 4.6.0 on Windows allows attackers to delete any file through the hyperv/destroy dockerBackendV2 API via a symlink in the DataFolder parameter, a different vulnerability than CVE-2022-26659. |
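The condition described in the CVE-2025-9074 entry, a Linux container reaching the Docker Engine API on the Docker subnet, can be checked from inside a running container. The script below is an added example, not code from Docker or from this listing. It assumes the default address and port quoted in the entry (192.168.65.7:2375) and that an unauthenticated GET /version on the engine API answers with JSON containing an ApiVersion field (standard engine API behaviour, treated here as an assumption). The loopback stand-in server and the sample JSON it returns are constructed for offline testing and are not real engine output.

```python
"""Probe whether the Docker Engine API is reachable from inside a container.

Added example for the CVE-2025-9074 listing (Docker Desktop: containers can reach
the engine API on the Docker subnet, 192.168.65.7:2375 by default). Not Docker's code.
Run it from a shell inside a Linux container on the host you are assessing.
"""
import http.client
import json
import socket
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer

DEFAULT_HOST = "192.168.65.7"   # default Docker Desktop subnet address named in the CVE entry
DEFAULT_PORT = 2375             # plaintext engine API port named in the CVE entry


def fetch_version(host: str, port: int, timeout: float = 2.0):
    """GET /version on the engine API. Returns (status, body), or None when nothing answers."""
    try:
        conn = http.client.HTTPConnection(host, port, timeout=timeout)
        conn.request("GET", "/version")
        resp = conn.getresponse()
        body = resp.read().decode("utf-8", "replace")
        conn.close()
        return resp.status, body
    except (OSError, http.client.HTTPException):
        # connection refused, host unreachable, timeout, or not speaking HTTP at all
        return None


def classify(result):
    """Map a probe result to: 'unreachable', 'exposed', or 'reachable-other'."""
    if result is None:
        return "unreachable"
    status, body = result
    if status == 200:
        try:
            data = json.loads(body)
        except json.JSONDecodeError:
            return "reachable-other"
        if isinstance(data, dict) and "ApiVersion" in data:
            # An unauthenticated engine API answered: the condition the CVE describes.
            return "exposed"
    # Something listens on the port but it is not (or not unauthenticated) engine API.
    return "reachable-other"


def probe(host: str = DEFAULT_HOST, port: int = DEFAULT_PORT, timeout: float = 2.0) -> str:
    """One-call check: probe the engine API and classify the answer."""
    return classify(fetch_version(host, port, timeout))


class _FakeEngine(BaseHTTPRequestHandler):
    """Constructed stand-in that imitates the engine's /version answer (offline testing only)."""

    def do_GET(self):
        if self.path == "/version":
            payload = json.dumps({"Version": "0.0.0-fake", "ApiVersion": "1.47"}).encode()
            self.send_response(200)
            self.send_header("Content-Type", "application/json")
        else:
            payload = b""
            self.send_response(404)
        self.send_header("Content-Length", str(len(payload)))
        self.end_headers()
        self.wfile.write(payload)

    def log_message(self, *args):   # keep the demo quiet
        pass


def start_fake_engine():
    """Start the stand-in on an ephemeral loopback port; returns (port, server)."""
    server = HTTPServer(("127.0.0.1", 0), _FakeEngine)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server.server_address[1], server


def closed_port() -> int:
    """Pick a loopback port nobody listens on, for the negative case."""
    s = socket.socket()
    s.bind(("127.0.0.1", 0))
    port = s.getsockname()[1]
    s.close()
    return port


if __name__ == "__main__":
    print("engine API at %s:%d -> %s" % (DEFAULT_HOST, DEFAULT_PORT, probe()))
```

Run with no arguments from inside a container to test the real address; `exposed` means the container got an unauthenticated answer from the engine API, which is the finding the entry describes and the reason to update Docker Desktop. `reachable-other` (something listens but does not answer as an open engine API) and `unreachable` both still merit checking the installed version, since the entry notes the issue exists with or without ECI enabled. If the Docker subnet was reconfigured, pass the configured gateway address instead of the default.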
Page 1 of 2