Docker articles

BRIEF

Docker Engine 29.5.3 fixes runAsNonRoot bypass

June 5, 2026Sysadmin Craft

Docker Engine 29.5.3 patches CVE-2026-46680 via containerd 2.2.4 -- a flaw where containers with oversized USER IDs silently run as root despite runAsNonRoot: true.

BRIEF

Docker AuthZ bypass via oversized request body

June 1, 2026Security

CVE-2026-34040 lets attackers bypass Docker AuthZ plugins with a padded API request — upgrade to Moby 29.3.1 or later.

BRIEF

Docker cp Was a Root Hole: Three CVEs Fixed

May 26, 2026Security

Docker Engine 29.5.1 patches three vulnerabilities in docker cp, including one that let a malicious container execute arbitrary code as root on the host by hijacking the decompression binary lookup.

HOT TAKE

CVE-2026-46680: containerd patched across all active branches

May 22, 2026Security

CVE-2026-46680 patched across all four active containerd branches on May 20. Pick up 2.3.1, 2.2.4, 2.0.9, or 1.7.32 depending on which branch you run.

Docker

Articles tagged Docker

Docker Engine 29.5.3 fixes runAsNonRoot bypass

Docker AuthZ bypass via oversized request body

Docker cp Was a Root Hole: Three CVEs Fixed

CVE-2026-46680: containerd patched across all active branches