CVE-2026-34040 (CVSS 8.8) is an authorization bypass in Moby/Docker Engine affecting all versions before 29.3.1. The patch shipped March 25, 2026. If you run Docker with AuthZ plugins and haven't upgraded, you're exposed.
The bug
Docker's AuthZ middleware reads the request body before handing the request to the authorization plugin. When the body exceeds 1 MB, the middleware drops it and sends the plugin an empty body instead. A plugin that treats an empty body as nothing to evaluate returns an allow decision, and Docker then processes the original, full request.
An attacker therefore pads a malicious API request past the 1 MB threshold. The plugin is effectively blind to the request's contents, and Docker creates whatever the attacker asked for, including a privileged container with the host filesystem bind-mounted.
The attack targets the container create endpoint (POST /containers/create). Anyone who can already reach the Docker API needs only a single HTTP request; no prior foothold on the host is required.
The root cause is an incomplete fix for CVE-2024-41110, a bypass of the same body-truncation class first disclosed in July 2024.
Who is affected
Only deployments using AuthZ plugins are vulnerable. This is common in multi-tenant environments and enterprise setups where policy enforcement layers like Open Policy Agent or custom plugins sit between the Docker client and daemon. Installations without AuthZ plugins are not affected by this specific vulnerability.
The plugin ecosystem has no uniform behavior for empty request bodies. Many plugins default to allowing requests they cannot inspect, and that default is what this attack exploits. If you operate a plugin, check what it returns when the body is missing: a plugin that denies on an empty body is not bypassed this way, at the cost of rejecting every legitimate request over the limit.
Affected versions
- github.com/docker/docker and github.com/moby/moby: all versions before 29.3.1
- github.com/moby/moby/v2: all versions before 2.0.0-beta.8
What the fix does
29.3.1 raises the body size limit to 4 MiB (4,194,304 bytes) and uses a Peek operation to check whether the body exceeds that threshold. If it does, the request is denied rather than forwarded to the plugin with an empty body, so the plugin only ever judges the same bytes the daemon will act on. The behavior is now fail-closed; the trade-off is that a legitimate request with a body over 4 MiB is also rejected when an AuthZ plugin is configured.
The latest release in the 29.x line is 29.5.2 (May 20, 2026).
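To make both the bug and the fix concrete, here is an added example in Go (the language Moby is written in). It is a simplified model written for this page, not Moby's own middleware code. It runs the same padded request through two versions of the AuthZ step: a legacy path that hands the plugin an empty body once Peek can fill a 1 MiB buffer (assumption: the pre-fix limit is modelled as exactly 1 MiB) while the daemon still reads the full body, and a fixed path that peeks one byte past 4 MiB and denies outright. The plugin (`failOpenPlugin`), the request builder (`paddedCreateRequest`), the `/v1.47` API path and the label used as padding are all constructed for the demonstration.

```go
package main

import (
	"bufio"
	"bytes"
	"encoding/json"
	"errors"
	"fmt"
	"io"
	"strings"
)

// Body limits named on the page: 1 MB before the fix, 4 MiB in 29.3.1.
// Assumption: the pre-fix limit is modelled as exactly 1 MiB.
const (
	legacyMaxBody = 1 << 20
	fixedMaxBody  = 4 << 20
)

// decision stands in for an AuthZ plugin's allow/deny answer.
type decision func(method, uri string, body []byte) bool
// failOpenPlugin is a constructed plugin that blocks privileged containers but,
// like many real plugins, allows any request whose body it cannot inspect.
func failOpenPlugin(method, uri string, body []byte) bool {
	if method != "POST" || !strings.HasSuffix(uri, "/containers/create") {
		return true // only container creation is policed in this model
	}
	if len(body) == 0 {
		return true // nothing to evaluate: fail open (the default the bypass needs)
	}
	var req struct{ HostConfig struct{ Privileged bool } }
	if err := json.Unmarshal(body, &req); err != nil {
		return false
	}
	return !req.HostConfig.Privileged
}

// authorizeLegacy models the pre-29.3.1 middleware the page describes: when
// Peek can fill legacyMaxBody bytes the plugin is handed an empty body, yet the
// daemon goes on to read the whole request. Returns the verdict and that body.
func authorizeLegacy(method, uri string, body io.Reader, plugin decision) (bool, []byte, error) {
	br := bufio.NewReaderSize(body, legacyMaxBody)
	peeked, err := br.Peek(legacyMaxBody)
	if err != nil && !errors.Is(err, io.EOF) {
		return false, nil, err
	}
	if err == nil {
		peeked = nil // buffer filled: body is over the limit, plugin sees nothing
	}
	allowed := plugin(method, uri, peeked)
	full, err := io.ReadAll(br) // Peek consumed nothing, so this is the full body
	if err != nil {
		return false, nil, err
	}
	return allowed, full, nil
}

// authorizeFixed models the fail-closed behaviour of 29.3.1: peek one byte past
// the raised limit and deny outright when the body is larger, so the plugin
// only ever judges exactly the bytes the daemon will process.
func authorizeFixed(method, uri string, body io.Reader, plugin decision) (bool, []byte, error) {
	br := bufio.NewReaderSize(body, fixedMaxBody+1)
	peeked, err := br.Peek(fixedMaxBody + 1)
	if err == nil {
		return false, nil, nil // over the limit: deny without consulting the plugin
	}
	if !errors.Is(err, io.EOF) {
		return false, nil, err
	}
	if !plugin(method, uri, peeked) {
		return false, nil, nil
	}
	return true, peeked, nil
}

// paddedCreateRequest builds a constructed /containers/create body asking for a
// privileged container with / bind-mounted, padded via a label to >= pad bytes.
func paddedCreateRequest(pad int) []byte {
	b, err := json.Marshal(map[string]any{
		"Image":      "alpine",
		"HostConfig": map[string]any{"Privileged": true, "Binds": []string{"/:/host"}},
		"Labels":     map[string]string{"pad": strings.Repeat("A", pad)},
	})
	if err != nil {
		panic(err)
	}
	return b
}

func main() {
	const uri = "/v1.47/containers/create"
	for _, pad := range []int{0, legacyMaxBody, fixedMaxBody} {
		body := paddedCreateRequest(pad)
		lOK, full, _ := authorizeLegacy("POST", uri, bytes.NewReader(body), failOpenPlugin)
		fOK, _, _ := authorizeFixed("POST", uri, bytes.NewReader(body), failOpenPlugin)
		fmt.Printf("%8d-byte body: legacy allowed=%-5v (daemon gets %d bytes)  fixed allowed=%v\n", len(body), lOK, len(full), fOK)
	}
}
```

Running it prints one line per body size. The unpadded privileged request is denied by both paths because the plugin can read it. The request padded past 1 MiB is the bypass: the legacy path reports allowed=true while the daemon receives the full body, whereas the fixed path still shows the plugin the body (it is under 4 MiB) and is denied. The request padded past 4 MiB is refused by the fixed path before the plugin is consulted, which is the fail-closed behaviour the release notes describe, and is also why oversized legitimate requests are now rejected.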
What to do
- Check whether you use AuthZ plugins:
  docker info | grep -i authorization
  An empty result means no authorization plugin is registered and this issue does not apply to that host.
- If you do, upgrade Docker Engine to at least 29.3.1. The current stable is 29.5.2.
- If you cannot upgrade immediately, reject API requests with bodies near or above 1 MB at the network layer as a temporary measure. This only covers API traffic that actually passes through that layer (a client on the local Unix socket does not), and it also blocks legitimate large requests such as image loads.
The advisory is GHSA-x744-4wpc-v9h2.