Docker Security Vulnerabilities (CVEs)

Track 22 security vulnerabilities affecting Docker products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.

9 Critical

13 High

Sort by:

🔔 Get Alerts for Docker

CVE-2026-2664 7.8

An out-of-bounds read vulnerability in the grpcfuse kernel module in Docker Desktop's Linux VM allows local attackers to write to /proc/docker entries...

Feb 24, 2026

CVE-2025-13743 7.5

Docker Desktop diagnostics bundles inadvertently include expired Personal Access Tokens (PATs) in log output due to error object serialization issues....

Dec 9, 2025

CVE-2025-3224 7.8

A local privilege escalation vulnerability in Docker Desktop for Windows allows low-privileged users to gain SYSTEM privileges by exploiting the updat...

Apr 28, 2025

CVE-2024-8695 9.8

A remote code execution vulnerability in Docker Desktop allows malicious extensions to execute arbitrary code by crafting malicious extension descript...

Sep 12, 2024

CVE-2024-6222 7.0

This vulnerability allows an attacker who has already broken out of a Docker container into the Docker Desktop VM to further escape to the host operat...

Jul 9, 2024

CVE-2023-5165 7.1

CVE-2023-5165 allows unprivileged users to bypass Enhanced Container Isolation (ECI) restrictions in Docker Desktop by accessing a debug shell during ...

Sep 25, 2023

CVE-2023-0625 8.0

This vulnerability in Docker Desktop allows remote code execution (RCE) when a malicious extension description or changelog is processed. Attackers ca...

Sep 25, 2023

CVE-2023-0633 7.2

This vulnerability in Docker Desktop for Windows allows local attackers to escalate privileges through argument injection in the installer. Attackers ...

Sep 25, 2023

CVE-2022-34292 7.1

This vulnerability in Docker Desktop for Windows allows attackers to overwrite arbitrary files through a symlink attack on the hyperv/create dockerBac...

Apr 27, 2023

CVE-2023-0629 7.1

This vulnerability allows unprivileged users on Docker Desktop to bypass Enhanced Container Isolation (ECI) restrictions by connecting to Docker's raw...

Mar 13, 2023

CVE-2021-44719 8.4

CVE-2021-44719 is an incorrect access control vulnerability in Docker Desktop 4.3.0 that allows unauthorized users to access Docker Desktop features a...

May 25, 2022

CVE-2022-26659 7.1

This vulnerability allows attackers to overwrite administrator-writable files on Windows systems by exploiting a symlink vulnerability in Docker Deskt...

Mar 25, 2022

CVE-2022-25365 7.8

This vulnerability in Docker Desktop for Windows allows attackers to move arbitrary files on the host system. It affects Docker Desktop versions befor...

Feb 19, 2022

CVE-2021-37841 7.8

CVE-2021-37841 is an access control vulnerability in Docker Desktop for Windows that allows low-privileged users to compromise containers. Attackers c...

Aug 12, 2021

CVE-2020-35195 9.8

This vulnerability allows remote attackers to gain root access to systems running affected HAProxy Docker images by using a blank password. It affects...

Dec 17, 2020

CVE-2020-35197 9.8

This vulnerability allows remote attackers to gain root access to systems running affected memcached Docker images by using a blank password. It affec...

Dec 17, 2020

CVE-2020-35184 9.8

This vulnerability allows remote attackers to gain root access to systems running affected Composer Docker images by using a blank password. Anyone us...

Dec 17, 2020

CVE-2020-35185 9.8

CVE-2020-35185 allows remote attackers to gain root access to systems running vulnerable Ghost Docker images by using a blank password. This affects d...

Dec 17, 2020

CVE-2020-29591 9.8

This vulnerability allows remote attackers to gain root access to Docker registry containers by using a blank password for the root user. It affects s...

Dec 11, 2020

CVE-2020-29580 9.8

This vulnerability allows remote attackers to gain root access to Storm Docker containers by using a blank password for the root user. Systems using a...

Dec 8, 2020

CVE-2020-29601 9.8

This vulnerability allows remote attackers to gain root access to systems running vulnerable Notary Docker images by using a blank password. It affect...

Dec 8, 2020

CVE-2020-29389 9.8

This vulnerability allows attackers to gain root access to Crux Linux Docker containers by using a blank password for the root account. Systems using ...

Dec 2, 2020

Why Monitor Docker Security Vulnerabilities?

Real-time CVE tracking: Our automated system monitors 22+ known vulnerabilities affecting Docker products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.

Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Docker packages in under 60 seconds. No agents required - completely agentless scanning that works across Docker deployments.

Free vulnerability database: Access detailed information about every Docker CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.

🚀 Get Started in 60 Seconds

Register free account & add your servers
Run one-time scan or schedule automatic monitoring (every 1-24 hours)
Receive instant alerts when new Docker CVEs affect your systems
Access dashboard with severity breakdown & fix instructions

Start Monitoring Docker CVEs Free