Docker Patches Critical AuthZ Bypass Vulnerability CVE-2026-34040
Severity: High (Score: 74.0)
Sources: Cybersecuritynews, Scworld
Summary
Docker has patched CVE-2026-34040, a vulnerability in the authorization (AuthZ) plugin middleware of the Docker Engine API that lets an attacker who can reach the API bypass authorization checks and create containers with excessive privileges. The flaw lies in the middleware layer that forwards requests to the plugin, not in any individual plugin, so every deployment that relies on an authorization plugin is affected regardless of which plugin it uses.

An attacker exploits the flaw by sending an API request whose body is larger than 1MB. The middleware does not apply the authorization check to such oversized requests, so a request that the plugin would otherwise deny, such as a container-create call with a privileged host configuration, is passed straight through to the daemon. The resulting privileged container can access sensitive data on the host. Docker describes the issue as an incomplete fix for CVE-2024-41110, an earlier AuthZ bypass whose patch did not fully close the gap.

The fix raises the maximum request body size handled by the middleware to 4MB and rejects requests that exceed it instead of letting them through unchecked. Users should update to Docker Engine 29.3.1 or later. Because an authorization plugin is typically the control that limits what an API client may do, the risk is greatest in enterprise environments where the Docker API is shared among users or exposed over the network and sensitive data is handled in containers.

Key Points:
• CVE-2026-34040 allows bypassing of Docker authorization checks.
• Attackers can exploit the flaw by sending oversized HTTP requests (body larger than 1MB).
• Users must update to Docker Engine version 29.3.1 or later to mitigate risks.
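The bug class described above, as an added illustration in Go that is not Docker's own middleware code: a hypothetical authorization middleware that has to read the request body to let a plugin decide, shown once with the failure mode the advisory describes (body over 1MB skips the plugin entirely) and once with the remediation pattern (limit raised to 4MB, oversized bodies rejected with 413). The plugin `denyPrivileged`, the handler `createContainer`, the limits and the constructed request bodies are all assumptions for the demonstration.

```go
package main

import (
	"bytes"
	"fmt"
	"io"
	"net/http"
	"net/http/httptest"
	"strings"
)

// Hypothetical limits mirroring the figures in the advisory (assumption).
const (
	oldBodyLimit = 1 << 20 // 1 MiB: bodies above this skipped authz in the vulnerable pattern
	newBodyLimit = 4 << 20 // 4 MiB: raised limit; anything above is rejected in the fixed pattern
)

// denyPrivileged stands in for an AuthZ plugin (assumption): it refuses any
// container-create body that asks for a privileged container.
func denyPrivileged(body []byte) bool {
	return !bytes.Contains(body, []byte(`"Privileged":true`))
}

// vulnerableAuthz reproduces the failure mode: when the body exceeds the limit
// the plugin is never consulted and the request is forwarded to the daemon.
func vulnerableAuthz(next http.Handler, allow func([]byte) bool) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		body, _ := io.ReadAll(io.LimitReader(r.Body, oldBodyLimit+1))
		if len(body) > oldBodyLimit {
			// BUG: oversized body, authorization skipped, full body handed to the daemon.
			r.Body = io.NopCloser(io.MultiReader(bytes.NewReader(body), r.Body))
			next.ServeHTTP(w, r)
			return
		}
		if !allow(body) {
			http.Error(w, "authorization denied by plugin", http.StatusForbidden)
			return
		}
		r.Body = io.NopCloser(bytes.NewReader(body))
		next.ServeHTTP(w, r)
	})
}

// fixedAuthz applies the remediation pattern: a body larger than the raised
// limit is rejected outright, so no request reaches the daemon unchecked.
func fixedAuthz(next http.Handler, allow func([]byte) bool) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		body, _ := io.ReadAll(io.LimitReader(r.Body, newBodyLimit+1))
		if len(body) > newBodyLimit {
			http.Error(w, "request body too large", http.StatusRequestEntityTooLarge)
			return
		}
		if !allow(body) {
			http.Error(w, "authorization denied by plugin", http.StatusForbidden)
			return
		}
		r.Body = io.NopCloser(bytes.NewReader(body))
		next.ServeHTTP(w, r)
	})
}

// createContainer stands in for the daemon's POST /containers/create handler (assumption).
var createContainer = http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
	w.WriteHeader(http.StatusCreated)
})

// privilegedCreate builds a constructed container-create body that requests a
// privileged container; pad bytes of JSON whitespace push it past a size limit.
func privilegedCreate(pad int) string {
	return `{"Image":"alpine","HostConfig":{"Privileged":true}` + strings.Repeat(" ", pad) + `}`
}

// send posts a body through the given middleware chain and returns the HTTP status.
func send(h http.Handler, body string) int {
	rec := httptest.NewRecorder()
	req := httptest.NewRequest(http.MethodPost, "/containers/create", strings.NewReader(body))
	h.ServeHTTP(rec, req)
	return rec.Code
}

func main() {
	vuln := vulnerableAuthz(createContainer, denyPrivileged)
	fixed := fixedAuthz(createContainer, denyPrivileged)
	fmt.Println("vulnerable, small body:     ", send(vuln, privilegedCreate(0)))            // 403
	fmt.Println("vulnerable, >1MiB body:     ", send(vuln, privilegedCreate(oldBodyLimit))) // 201: authz skipped
	fmt.Println("fixed, >1MiB body:          ", send(fixed, privilegedCreate(oldBodyLimit))) // 403: plugin consulted
	fmt.Println("fixed, >4MiB body:          ", send(fixed, privilegedCreate(newBodyLimit))) // 413: rejected
}
```

The padding is plain JSON whitespace, so the oversized body is still a valid create request to the daemon; that is what makes the bypass useful rather than merely noisy. The fixed pattern fails closed: a body it cannot fully inspect is rejected, never forwarded.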
Key Entities
- Zero-day Exploit (attack_type)
- Cyera (company)
- CVE-2024-41110 (cve)
- CVE-2026-34040 (cve)
- T1041 - Exfiltration Over C2 Channel (mitre_attack)
- Docker (tool)
- Docker Engine (platform)
- Kubernetes (platform)
- S3 (platform)