Every CVE whose affected-product data names Docker Desktop, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (13)
CVE-2024-8696 — CVSS 9.8 (critical): A remote code execution (RCE) vulnerability via crafted extension publisher-url/additional-urls could be abused by a malicious extension in…
CVE-2024-8695 — CVSS 9.8 (critical): A remote code execution (RCE) vulnerability via crafted extension description/changelog could be abused by a malicious extension in Docker…
CVE-2022-37326 — CVSS 7.8 (high): Docker Desktop for Windows before 4.6.0 allows attackers to delete (or create) any file through the dockerBackendV2 windowscontainers/start…
CVE-2021-37841 — CVSS 7.8 (high): Docker Desktop before 3.6.0 suffers from incorrect access control. If a low-privileged account is able to access the server running the…
CVE-2026-2664 — CVSS 7.8 (high): An out of bounds read vulnerability in the grpcfuse kernel module present in the Linux VM in Docker Desktop for Windows, Linux and macOS up…
CVE-2025-3224 — CVSS 7.8 (high): A vulnerability in the update process of Docker Desktop for Windows versions prior to 4.41.0 could allow a local, low-privileged attacker…
CVE-2022-34292 — CVSS 7.1 (high): Docker Desktop for Windows before 4.6.0 allows attackers to overwrite any file through a symlink attack on the hyperv/create…
CVE-2022-31647 — CVSS 7.1 (high): Docker Desktop before 4.6.0 on Windows allows attackers to delete any file through the hyperv/destroy dockerBackendV2 API via a symlink in…
CVE-2024-6222 — CVSS 7.0 (high): In Docker Desktop before v4.29.0, an attacker who has gained access to the Docker Desktop VM through a container breakout can further…
CVE-2020-10665 — CVSS 6.7 (medium): Docker Desktop allows local privilege escalation to NT AUTHORITY\SYSTEM because it mishandles the collection of diagnostics with…
CVE-2022-38730 — CVSS 6.3 (medium): Docker Desktop for Windows before 4.6 allows attackers to overwrite any file through the windowscontainers/start dockerBackendV2 API by…
CVE-2024-5652 — CVSS 6.1 (medium): In Docker Desktop on Windows before v4.31.0 allows a user in the docker-users group to cause a Windows Denial-of-Service through the…
CVE-2023-1802 — CVSS 5.9 (medium): In Docker Desktop 4.17.x the Artifactory Integration falls back to sending registry credentials over plain HTTP if the HTTPS health check…