Docker Engine 29.5.3 fixes runAsNonRoot bypass
Docker Engine 29.5.3 patches CVE-2026-46680 via containerd 2.2.4 -- a flaw where containers with oversized USER IDs silently run as root despite runAsNonRoot: true.
Containerd
2 articles tagged #containerd
Articles tagged Containerd
CVE-2026-46680: containerd patched across all active branches
CVE-2026-46680 patched across all four active containerd branches on May 20. Pick up 2.3.1, 2.2.4, 2.0.9, or 1.7.32 depending on which branch you run.