What is the CVSS score of CVE-2026-2664?

CVE-2026-2664 has a CVSS 3.1 base score of 7.8 (High). CVSS vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. EPSS exploitation probability: 0.0%.

Which versions of Windows are affected by CVE-2026-2664?

Docker Desktop versions up to 4.61.0 contain a kernel vulnerability that could allow local attackers to exploit the grpcfuse module, potentially compromising system integrity.

How to fix or mitigate CVE-2026-2664?

Within 24 hours: Inventory all Docker Desktop installations across the organization and identify systems running version 4.61.0 or earlier. Within 7 days: Implement compensating controls including restricting local system access, disabling Docker Desktop on non-essential systems, and isolating development environments from production networks. Within 30 days: Monitor vendor advisories for patch availability and plan immediate deployment once released; escalate to Docker/Moby project for patch timeline clarification.

Windows CVE-2026-2664

HIGH

Out-of-bounds Read (CWE-125)

2026-02-24 security@docker.com

Linux Windows macOS Docker Desktop

7.8

CVSS 3.1 · NVD

Severity by source

NVD PRIMARY

7.8 HIGH

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 21:55 vuln.today

CVE Published

Feb 24, 2026 - 10:16 nvd

HIGH 7.8

DescriptionCVE.org

An out of bounds read vulnerability in the grpcfuse kernel module present in the Linux VM in Docker Desktop for Windows, Linux and macOS up to version 4.61.0 could allow a local attacker to cause an unspecified impact by writing to /proc/docker entries. The issue has been fixed in Docker Desktop 4.62.0 .

AnalysisAI

Local privilege escalation via out-of-bounds memory read in Docker Desktop's grpcfuse kernel module (versions up to 4.61.0) on Linux, Windows, and macOS allows authenticated local attackers to achieve complete system compromise through manipulation of /proc/docker entries. The vulnerability requires local access and valid user credentials but enables reading and modifying arbitrary kernel memory with high impact on confidentiality, integrity, and availability. …

Unlock full vulnerability intelligence

Risk assessment & exploitation conditions
Attack chain visualization
Remediation with exact patch versions
Threat intelligence from 22 sources
Personal watchlist & email alerts

Continue with Google Continue with GitHub

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access

Gain local system access

Exploit

Write malicious data to /proc/docker entries

Execution

Trigger out-of-bounds read in grpcfuse kernel module

Impact

Cause memory corruption and escalate privileges

Access

Gain local system access

Exploit

Write malicious data to /proc/docker entries

Execution

Trigger out-of-bounds read in grpcfuse kernel module

Impact

Cause memory corruption and escalate privileges

Vulnerability AssessmentAI

Exploitation	Docker Desktop versions up to 4.61.0 with grpcfuse kernel module enabled; local user account with write permissions to /proc/docker; Linux VM environment in Docker Desktop for Windows, Linux, or macOS. Additional conditions and limiting factors are described in the full assessment.
Risk Assessment	CVSS 7.8 (HIGH). … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario	An attacker could exploit this vulnerability to a local attacker to cause an unspecified impact by writing to /proc/docker entri.
Remediation	Monitor vendor advisories for a patch. Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Inventory all Docker Desktop installations across the organization and identify systems running version 4.61.0 or earlier. …

Threat intelligence, references, and detailed analysis are available after sign-in.

More from same product – last 7 days

CVE-2026-12440 CRITICAL Act Now

9.6 Jun 17

Use after free in DigitalCredentials in Google Chrome on Windows prior to 149.0.7827.155 allowed a remote attacker to po

CVE-2026-12466 HIGH This Week

8.8 Jun 17

Heap buffer overflow in WebRTC in Google Chrome on Windows prior to 149.0.7827.155 allowed a remote attacker to execute

CVE-2026-12437 HIGH This Week

8.3 Jun 17

Use after free in WebShare in Google Chrome on Windows prior to 149.0.7827.155 allowed a remote attacker who had comprom

CVE-2026-12449 HIGH This Week

7.8 Jun 17

Use after free in Chromoting in Google Chrome on Windows prior to 149.0.7827.155 allowed a local attacker to perform OS-

CVE-2026-12461 MEDIUM This Month

6.5 Jun 17

Out of bounds read in WebRTC in Google Chrome on Windows prior to 149.0.7827.155 allowed a remote attacker to obtain pot

CVE-2026-2664 vulnerability details – vuln.today

Back

Windows CVE-2026-2664

Severity by source

CVSS VectorNVD

Lifecycle Timeline

DescriptionCVE.org

AnalysisAI

Unlock full vulnerability intelligence

Attack ChainAIDerived

Vulnerability AssessmentAI

Recommended ActionAI

More from same product – last 7 days

Share

External POC / Exploit Code