CVE-2026-34040

8.8

High

Published:31 Mar 2026

Last updated:17 Jun 2026

Source:security-advisories@github.com

Analyzed

Weakness (CWE)

CWE-288CWE-288

CVSS Vector

v3.1

Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Changed
Confidentiality: High
Integrity: High
Availability: High

View on MITRE Find PoC on GitHub

Description

Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that allows attackers to bypass authorization plugins (AuthZ). This issue has been patched in version 29.3.1.

References

security-advisories@github.com

https://github.com/moby/moby/releases/tag/docker-v29.3.1

security-advisories@github.com

https://github.com/moby/moby/security/advisories/GHSA-x744-4wpc-v9h2