CVE-2026-34040

Published Mar 31, 2026

Last updated 19 days ago

CVSS high 8.8
Docker

Overview

Description
Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that allows attackers to bypass authorization plugins (AuthZ). This issue has been patched in version 29.3.1.
Source
security-advisories@github.com
NVD status
Analyzed
Products
moby

Risk scores

CVSS 3.1

Type
Primary
Base score
7.8
Impact score
5.9
Exploitability score
1.8
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity
HIGH

Weaknesses

security-advisories@github.com
CWE-288

Social media

Hype score
Not currently trending

  1. This Week in Security: Docker Auth, Windows Tools, and a Very Full Patch Tuesday https://t.co/qO9zGhDUQB CVE-2026-34040 lets attackers bypass some Docker authentication plugins by allowing an empty request body. Present since 2024, this bug was caused by a previous fix to the

    @f1tym1

    17 Apr 2026

    35 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. This Week in Security: Docker Auth, Windows Tools, and a Very Full Patch Tuesday: CVE-2026-34040 lets attackers bypass some Docker authentication plugins by allowing an empty request body. Present since 2024, this bug was caused by a previous fix to th… https://t.co/7PG6K13zM

    @RLehrbaum37632

    17 Apr 2026

    27 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. Docker Engine の脆弱性 CVE-2026-34040 が FIX:AuthZ バイパスによる権限昇格の恐れ https://t.co/LBCQAOrcuI Docker Engine の脆弱性 CVE-2026-34040 は、以前に報告された CVE-2024-41110 に対する修正が不十分だったことに起因します。

    @iototsecnews

    16 Apr 2026

    59 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. 🚨 Security Alert: CVE-2026-34040 (CVSS 8.8) is critical due to an incomplete fix for CVE-2024-41110. Discovered by Asim Viladi Oglu Manizada & team. Update Docker Engine v29.3.1 ASAP! 🚀 Beware AI agents exploiting padded HTTP requests! #CyberSecurity #Docker #Vulnerabil

    @ReliableEmbSys

    10 Apr 2026

    62 Impressions

    0 Retweets

    2 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  5. Critical Flowise RCE (CVE-2025-59528) actively exploited via CustomMCP; Docker Engine (CVE-2026-34040) & Ninja Forms (CVE-2026-0740) need patches. APT28 hijacks MikroTik/TP-Link DNS to steal Microsoft creds. #FlowiseRCE #APT28DNS #Russia https://t.co/OrkE7UQkxN

    @TweetThreatNews

    10 Apr 2026

    359 Impressions

    0 Retweets

    2 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  6. 🚨Dockerに新たな脆弱性CVE-2026-34040が発覚! 認証プラグインをバイパスされ、ホストへのアクセスを許してしまう可能性が😱 CVE-2024-41110の不完全な修正が原因です。認証プラグイン利用者は要注意!早急な対

    @motch_dev

    8 Apr 2026

    78 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  7. Apr 07, 2026 🚨 A critical vulnerability (CVE-2026-34040) in Docker Engine allows attackers to bypass authorization plugins, risking host access. This stems from an incomplete fix for CVE-2024-41110. https://t.co/U9Ys7FqKRk

    @kernyx64

    7 Apr 2026

    35 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

Configurations

Related CVEs

  1. Docker Model Runner (DMR) is software used to manage, run, and deploy AI models using Docker. Prior to version 1.1.25, Docker Model Runner contains an SSRF vulnerability in its OCI registry token exchange flow. When pulling a model, Model Runner follows the realm URL from the registry's WWW-Authenticate header without validating the scheme, hostname, or IP range. A malicious OCI registry can set the realm to an internal URL (e.g., http://127.0.0.1:3000/), causing Model Runner running on the host to make arbitrary GET requests to internal services and reflect the full response body back to the caller. Additionally, the token exchange mechanism can relay data from internal services back to the attacker-controlled registry via the Authorization: Bearer header. This issue has been patched in version 1.1.25. For Docker Desktop users, enabling Enhanced Container Isolation (ECI) blocks container access to Model Runner, preventing exploitation. However, if the Docker Model Runner is exposed to localhost over TCP in specific configurations, the vulnerability is still exploitable.CVE-2026-33990
  2. Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that allows plugins privilege validation to be bypassed during docker plugin install. Due to an error in the daemon's privilege comparison logic, the daemon may incorrectly accept a privilege set that differs from the one approved by the user. Plugins that request exactly one privilege are also affected, because no comparison is performed at all. This issue has been patched in version 29.3.1.CVE-2026-33997
  3. Aquasecurity Trivy Embedded Malicious Code VulnerabilityCVE-2026-33634
  4. Docker CLI for Windows searches for plugin binaries in C:\ProgramData\Docker\cli-plugins, a directory that does not exist by default. A low-privileged attacker can create this directory and place malicious CLI plugin binaries (docker-compose.exe, docker-buildx.exe, etc.) that are executed when a victim user opens Docker Desktop or invokes Docker CLI plugin features, and allow privilege-escalation if the docker CLI is executed as a privileged user. This issue affects Docker CLI: through 29.1.5 and Windows binaries acting as a CLI-plugin manager using the github.com/docker/cli/cli-plugins/manager https://pkg.go.dev/github.com/docker/cli@v29.1.5+incompatible/cli-plugins/manager  package, such as Docker Compose. This issue does not impact non-Windows binaries, and projects not using the plugin-manager code.CVE-2025-15558
  5. Docker Model Runner (DMR) is software used to manage, run, and deploy AI models using Docker. Versions prior to 1.0.16 expose a POST `/engines/_configure` endpoint that accepts arbitrary runtime flags without authentication. These flags are passed directly to the underlying inference server (llama.cpp). By injecting the --log-file flag, an attacker with network access to the Model Runner API can write or overwrite arbitrary files accessible to the Model Runner process. When bundled with Docker Desktop (where Model Runner is enabled by default since version 4.46.0), it is reachable from any default container at model-runner.docker.internal without authentication. In this context, the file overwrite can target the Docker Desktop VM disk (`Docker.raw` ), resulting in the destruction of all containers, images, volumes, and build history. However, in specific configurations and with user interaction, it is possible to convert this vulnerability in a container escape. The issue is fixed in Docker Model Runner 1.0.16. Docker Desktop users should update to 4.61.0 or later, which includes the fixed Model Runner. A workaround is available. For Docker Desktop users, enabling Enhanced Container Isolation (ECI) blocks container access to Model Runner, preventing exploitation. However, if the Docker Model Runner is exposed to localhost over TCP in specific configurations, the vulnerability is still exploitable.CVE-2026-28400

References

Sources include official advisories and independent security research.