GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
6 advisories
Docker: Race condition in docker cp allows bind mount redirection to host path
High
CVE-2026-42306
was published
for
github.com/docker/docker
(Go)
May 18, 2026
Docker: Race condition in docker cp allows creation of arbitrary empty files on the host via symlink swap
Moderate
CVE-2026-41568
was published
for
github.com/docker/docker
(Go)
May 18, 2026
Docker: `PUT /containers/{id}/archive` executes container binary on the host
High
CVE-2026-41567
was published
for
github.com/docker/docker
(Go)
May 18, 2026
Moby has AuthZ plugin bypass when provided oversized request bodies
High
CVE-2026-34040
was published
for
github.com/docker/docker
(Go)
Mar 27, 2026
Moby has an Off-by-one error in its plugin privilege validation
Moderate
CVE-2026-33997
was published
for
github.com/docker/docker
(Go)
Mar 27, 2026
Classic builder cache poisoning
Moderate
CVE-2024-24557
was published
for
github.com/docker/docker
(Go)
Feb 1, 2024
ProTip!
Advisories are also available from the
GraphQL API