
Docker

Dev Platforms & CI/CD

Open CVEs: 16 | Exploited: 0 | KEV: 0 | Unpatched: 6 | No Workaround: 1 | Internet-facing: 16

Why this provider is risky now

This provider has 16 open CVE(s) in the last 7 days. 6 have no vendor patch. 16 affect internet-facing services. 5 impact the management/identity plane.


Top Risky CVEs

CVE-2026-45663 (Act Now, Unpatched)
Command injection in Dokploy 0.29.1 and earlier allows authenticated users to execute arbitrary OS commands on the host by abusing the Docker file upload feature's unsanitized destinationPath parameter. The CVSS 9.9 score reflects a scope change from the containerized context to the underlying host. No public exploit had been identified at time of analysis, though the GHSA advisory provides sufficient technical detail to reconstruct one.
Within 24 hours: Enumerate all Dokploy deployments running 0.29.1 or earlier; restrict file upload feature access to a minimal set of trusted administrators; enable comprehensive audit logging on all file upload operations. Within 7 days: Review upload logs for suspicious destinationPath patterns; implement network segmentation separating Dokploy infrastructure from production workloads and credential stores. Within 30 days: Establish continuous monitoring of GHSA advisory for patch release; develop tested migration plan to patched versions; deploy host-based endpoint detection and response (EDR) as interim control on all Dokploy systems.
Edge exposure ICT dependency No patch available
Why flagged?
NIS2 Relevant
  • CRITICAL severity
  • Internet-facing (CWE-77: Command Injection)
  • Third-party ICT: Docker
  • No patch available
  • Moderate evidence (PoC / elevated EPSS)
DORA Relevant
  • CRITICAL severity
  • ICT provider: Docker (Dev Platforms & CI/CD)
  • No remediation available
CVSS 9.9 | EPSS 0.2% | Priority 50
CVE-2026-45633 (Act Now, Unpatched)
Authenticated command injection in Dokploy 0.26.6 and earlier enables any logged-in user to run arbitrary OS commands as root via the /docker-container-logs WebSocket endpoint. The tail and since parameters are concatenated into shell commands without validation, yielding a CVSS 9.9 (Scope:Changed) issue affecting this self-hosted PaaS. No public exploit identified at time of analysis, and the vulnerability is not currently listed in CISA KEV.
24 hours: Restrict network access to /docker-container-logs WebSocket endpoint via firewall; audit and validate all active user sessions; enable MFA on all accounts. 7 days: Implement WAF or firewall rules blocking shell command injection patterns in WebSocket parameters; establish continuous monitoring for WebSocket-based exploitation attempts; identify all affected Dokploy instances and document versions in deployment inventory. 30 days: Apply vendor-released patch immediately upon availability; if patch unavailable after 30 days, escalate remediation decision to executive leadership and prepare mitigation plan including system isolation or alternative deployment solutions.
Edge exposure ICT dependency No patch available
Why flagged?
NIS2 Relevant
  • CRITICAL severity
  • Internet-facing (CWE-78: OS Command Injection)
  • Third-party ICT: Docker
  • No patch available
  • Moderate evidence (PoC / elevated EPSS)
DORA Relevant
  • CRITICAL severity
  • ICT provider: Docker (Dev Platforms & CI/CD)
  • No remediation available
CVSS 9.9 | EPSS 0.2% | Priority 50
CVE-2026-45628 (Act Now, Unpatched)
Command injection in Dokploy 0.29.2 and earlier allows authenticated users with application create/edit permissions to execute arbitrary shell commands on the host by injecting metacharacters into branch names, repository URLs, or Docker credentials. The flaw stems from unsanitized template-literal interpolation passed to child_process.exec(). No public exploit had been identified at time of analysis, but the vendor security advisory GHSA-3frc-cfh9-ch2c documents the issue.
Within 24 hours: Inventory all Dokploy deployments and identify users with application create/edit permissions. Within 7 days: Restrict application create/edit permissions to a minimal set of trusted administrators; implement input validation on branch names, repository URLs, and Docker credential fields if possible through configuration. Within 30 days: Monitor vendor advisory GHSA-3frc-cfh9-ch2c for patch availability and plan immediate upgrade upon release; evaluate alternative deployment platforms if no patch timeline is provided by vendor.
Edge exposure ICT dependency No patch available
Why flagged?
NIS2 Relevant
  • CRITICAL severity
  • Internet-facing (CWE-20: Improper Input Validation)
  • Third-party ICT: Docker
  • No patch available
  • Moderate evidence (PoC / elevated EPSS)
DORA Relevant
  • CRITICAL severity
  • ICT provider: Docker (Dev Platforms & CI/CD)
  • No remediation available
CVSS 9.6 | EPSS 0.0% | Priority 48
CVE-2026-10042 (Act Now)
{method_name} and /simple_execute/{method_name} endpoints, which call pickle.loads() on raw HTTP request bodies. The flaw carries a CVSS 4.0 score of 9.2 and has an upstream fix in commit d7441481, but no public exploit was identified at time of analysis; risk is amplified by the default Docker image running as root, leading to full container compromise.
Within 24 hours: Identify and inventory all affected service deployments. Within 7 days: Apply patch including fix commit d7441481 or later vendor-released version. Within 30 days: Implement firewall rules restricting network access to vulnerable endpoints and audit Docker configurations to eliminate unnecessary root privileges.
Edge exposure ICT dependency Patched
Why flagged?
NIS2 Relevant
  • CRITICAL severity
  • Internet-facing (CWE-502: Deserialization of Untrusted Data)
  • Third-party ICT: Docker
  • Strong evidence (KEV / high EPSS / multi-source)
DORA Relevant
  • CRITICAL severity
  • ICT provider: Docker (Dev Platforms & CI/CD)
CVSS 9.2 | EPSS 0.4% | Priority 46
CVE-2026-45662 (This Week, Unpatched)
Command injection in Dokploy 0.29.0 and earlier allows authenticated users to execute arbitrary OS commands on the host by deleting a Docker registry whose registryUrl contains shell metacharacters. The deleteRegistry function in packages/server/src/services/registry.ts passes registryUrl unescaped into docker logout, while the adjacent docker login call correctly uses shEscape(), making this a clear regression. No public exploit identified at time of analysis, but the root cause is documented in the vendor's GHSA advisory.
Within 24 hours: Audit all Dokploy deployments to identify affected versions (0.29.0 and earlier); restrict registry management permissions to administrators only. Within 7 days: Implement host-level command execution logging for all Dokploy instances; disable the deleteRegistry function if not operationally critical. Within 30 days: Monitor vendor security advisories for patch availability (target version to be determined upon release); prepare immediate patching procedure.
Edge exposure ICT dependency No patch available
Why flagged?
NIS2 Relevant
  • HIGH severity
  • Internet-facing (CWE-78: OS Command Injection)
  • Third-party ICT: Docker
  • No patch available
  • Moderate evidence (PoC / elevated EPSS)
DORA Relevant
  • HIGH severity
  • ICT provider: Docker (Dev Platforms & CI/CD)
  • No remediation available
CVSS 8.8 | EPSS 0.2% | Priority 44
CVE-2026-44829 (This Week)
Zip slip path traversal in Gotenberg through version 8.32.0 allows remote unauthenticated attackers to plant files outside the extraction directory on Windows hosts that unzip multi-output API responses. Because Gotenberg runs on Linux containers, its filepath.Base sanitisation never strips Windows-style backslashes from uploaded multipart filenames, so a crafted name like '..\..\..\Windows\System32\evil.pdf' is preserved verbatim as a zip entry name and honoured by Windows extractors (7-Zip, WinRAR, .NET ZipFile, Explorer). Working, publicly available exploit code exists in the GHSA advisory; the issue is not present in CISA KEV and no EPSS score was provided.
24 hours: Identify all Windows systems that receive or process Gotenberg outputs; document current Gotenberg versions and deployment architecture; assess whether multi-output API functionality is actively used. 7 days: If Windows extraction is operationally critical, isolate affected systems to internal-only networks with restricted access controls; disable Gotenberg multi-output API if feasible. 30 days: Monitor Gotenberg project releases for patch availability; review Windows Security event logs for suspicious file creation outside expected extraction directories; deploy endpoint detection and response (EDR) solutions on Windows systems processing Gotenberg data.
Edge exposure ICT dependency Patched
Why flagged?
NIS2 Relevant
  • HIGH severity
  • Internet-facing (CWE-22: Path Traversal)
  • Third-party ICT: Docker
  • Moderate evidence (PoC / elevated EPSS)
DORA Relevant
  • HIGH severity
  • ICT provider: Docker (Dev Platforms & CI/CD)
CVSS 8.8 | Priority 44
CVE-2026-44830 (This Week)
Authentication bypass in Nocturne Memory before 2.4.1 lets any network-adjacent client gain unauthenticated read/write/delete access to the full Knowledge-Graph API when operators deploy the default Docker configuration without setting API_TOKEN. Because the server binds to 0.0.0.0 with CORS allow_origins=["*"] and the BearerTokenAuthMiddleware silently disables auth on an empty token, an attacker on the same LAN can tamper with memory entries such as system://boot and core://* that auto-load into downstream MCP agent sessions, enabling persistent prompt-injection. There is no public exploit identified at time of analysis, and no EPSS or CISA KEV signal is present in the source data.
Within 24 hours: Identify all Nocturne Memory deployments; verify current versions against 2.4.1 and confirm API_TOKEN environment variable is configured in each Docker deployment. Within 7 days: Upgrade all affected instances to Nocturne Memory 2.4.1 or later across production, staging, and development environments. Within 30 days: Audit Knowledge-Graph API access logs for unauthorized modifications to system:// and core:// memory entries during the vulnerable period; validate that all deployments enforce API authentication beyond version upgrade.
Edge exposure ICT dependency Management plane Patched
Why flagged?
NIS2 Relevant
  • HIGH severity
  • Internet-facing (CWE-306: Missing Authentication for Critical Function)
  • Third-party ICT: Docker
  • Management plane (Missing Authentication for Critical Function)
  • Moderate evidence (PoC / elevated EPSS)
DORA Relevant
  • HIGH severity
  • ICT provider: Docker (Dev Platforms & CI/CD)
  • Authentication / access control weakness
CVSS 8.7 | EPSS 0.0% | Priority 44
CVE-2026-47179 (This Week)
Authenticated arbitrary file read in Arcane (Docker management UI) versions ≤ 1.19.3 allows any low-privileged user to read any file accessible to the backend process by abusing Docker Compose `include:` directives. Because `CreateProject` skips the include-path validation that `UpdateProject` enforces, an attacker can register a project whose compose file points at `/etc/passwd` or `/app/data/arcane.db`, then fetch the contents via the project file API, yielding stored password hashes and API keys for all users and enabling admin takeover and host RCE through Arcane's Docker control plane. No public exploit identified at time of analysis; vendor patch is available in 1.19.4.
Within 24 hours: Inventory all Arcane deployments and identify instances running versions ≤1.19.3. Within 7 days: Upgrade all affected instances to Arcane 1.19.4. Within 30 days: Review CreateProject API audit logs for suspicious activity and rotate administrative credentials if exploitation is suspected.
Edge exposure ICT dependency Patched
Why flagged?
NIS2 Relevant
  • HIGH severity
  • Internet-facing (CWE-22: Path Traversal)
  • Third-party ICT: Docker
  • Moderate evidence (PoC / elevated EPSS)
DORA Relevant
  • HIGH severity
  • ICT provider: Docker (Dev Platforms & CI/CD)
CVSS 7.7 | EPSS 0.1% | Priority 38
CVE-2026-48116 (This Week)
Command injection in AnythingLLM prior to 1.13.0 allows attackers chatting with an agent to execute arbitrary commands inside the server container by abusing the filesystem-search-files skill. The LLM-controlled pattern parameter is passed to ripgrep without a '--' end-of-options separator, letting a crafted pattern like '--pre=/bin/sh' coerce ripgrep into executing files as shell scripts. The default official Docker image ships with the filesystem plugin enabled, making typical deployments exploitable; no public exploit identified at time of analysis.
Within 24 hours: Disable the filesystem-search-files plugin in AnythingLLM configuration and restrict network access to chat endpoints. Within 7 days: Audit application and container logs for exploitation attempts (search for '--pre=' command patterns in ripgrep queries); implement firewall rules limiting AnythingLLM instance access to trusted networks. Within 30 days: Monitor vendor advisories for patch availability (vulnerable versions: prior to 1.13.0); if patch released, plan immediate deployment; otherwise, evaluate permanent mitigations or platform replacement.
Edge exposure ICT dependency Patched
Why flagged?
NIS2 Relevant
  • HIGH severity
  • Internet-facing (CWE-77: Command Injection)
  • Third-party ICT: Docker
  • Strong evidence (KEV / high EPSS / multi-source)
DORA Relevant
  • HIGH severity
  • ICT provider: Docker (Dev Platforms & CI/CD)
CVSS 7.5 | EPSS 0.0% | Priority 38
CVE-2026-45741 (This Week, Unpatched)
SSRF deny-list bypass in Gotenberg v8 (<= 8.32.0) allows unauthenticated remote attackers to reach internal cloud metadata services (e.g., AWS/GCP/Azure IMDS at 169.254.169.254) by serving a crafted DNS AAAA record containing IPv6 6to4, NAT64, or deprecated site-local prefixes that the IsPublicIP allow-list fails to recognize. Publicly available exploit code exists via the GitHub Security Advisory PoC, and the Chromium URL-convert route returns the upstream response as a PDF, yielding a full-read SSRF that can leak IAM credentials. No vendor-released patch identified at time of analysis (advisory lists no fixed version).
Within 24 hours: Scan all systems to identify Gotenberg v8 instances at version 8.32.0 or earlier and document their deployment context and network connectivity to cloud environments. Within 7 days: Implement network-level egress filtering to block access from Gotenberg processes to 169.254.169.254/32 (cloud metadata endpoints) and deploy Web Application Firewall rules to detect IPv6 6to4, NAT64, and site-local prefix patterns in requests. Within 30 days: Complete transition to Gotenberg v9.x or newer (if patched by vendor), or architecturally isolate vulnerable Gotenberg instances in restricted network segments without cloud metadata access and with IAM roles removed.
Edge exposure ICT dependency No patch available
Why flagged?
NIS2 Relevant
  • HIGH severity
  • Internet-facing technique: SSRF
  • Third-party ICT: Docker
  • No patch available
  • Moderate evidence (PoC / elevated EPSS)
DORA Relevant
  • HIGH severity
  • ICT provider: Docker (Dev Platforms & CI/CD)
  • No remediation available
CVSS 7.5 | Priority 38

By Exposure

Internet-facing: 16
Mgmt / Admin Plane: 5
Identity / Auth: 5
Internal only: 0

By Exploitability

Known exploited: 0
Public PoC: 0
High EPSS (>30%): 0
Remote unauthenticated: 3
Local only: 0

By Remediation

Patch available: 10
No patch: 6
Workaround available: 9
No workaround: 1

Affected Services / Product Families

Docker
16 CVE(s)
CVE-2026-47672 MEDIUM Unpatched
CVE-2026-44210 MEDIUM Patched
CVE-2026-44830 HIGH Patched
CVE-2026-45703 MEDIUM Patched
CVE-2026-45704 HIGH Patched
CVE-2026-48116 HIGH Patched
CVE-2026-47179 HIGH Patched
CVE-2026-10042 CRITICAL Patched
CVE-2026-45662 HIGH Unpatched
CVE-2026-45663 CRITICAL Unpatched