Docker - Tool

Threat entity extracted from intelligence sources

Frequency
165
occurrences
First Seen
November 3, 2025
Last Seen
July 16, 2026

Docker is a tool tracked across 50 threat clusters and 165 intelligence report mentions on ThreatCluster. First observed November 3, 2025; most recent activity July 16, 2026.

Related Threat Clusters

Recent Intelligence Reports

  • Jadepuffer Agentic Ransomware For Automated Database Extortion — www.sysdig.com · July 16, 2026
  • CVE-2026-56260: Crawl4AI - Arbitrary File Write via output_path Parameter [CRITICAL] CVSS 9.1 Exploit Intelligence — Recent CVEs / 14h Crawl4AI before 0.8.7 contains an arbitrary file write vulnerability in the Docker API server's /screenshot and /pdf endpoints. The output_path parameter accepts arbitrary filesystem paths without validation, allowing an attacker to supply absolute or path-traversal values to write to any location w — exploit-intel.com · July 13, 2026
  • Critical Arbitrary File Write Vulnerability in Crawl4AI (CVE-2026-56260) ThreatCluster - Threat Intelligence Feed / 7h This flaw exists in the Docker API server's /screenshot and /pdf endpoints, allowing unauthenticated attackers to write arbitrary files to any filesystem location accessible by the application's user. CVE-2026-56260 is a critical arbitrary file write vulnerability affecting Crawl4AI versions prior to 0.8.7. — threatcluster.io · July 13, 2026
  • CVE-2026-56260 - Exploits & Severity — Feedly · July 12, 2026
  • Public Exploit Turns 15-Year Linux Kernel Flaw Into 5-Second Root Attack — Techtimes · July 8, 2026
  • Mondoo Vulnerability Intelligence — mondoo.com · July 8, 2026
  • Link — edge.prnewswire.com · July 8, 2026
  • Critical Gitea Docker Bug Under Active Exploitation Exposes Repositories and Secrets — Securityaffairs.Co · July 7, 2026

CVSS v3.1 Breakdown