Is Docker affected by CVE-2026-34977?

Aperi'Solve versions below 3.2.1 contain a critical unauthenticated remote code execution vulnerability in image upload processing that allows attackers to execute arbitrary commands with root privileges.

CVE-2026-34977

Q: How to fix CVE-2026-34977?

Within 24 hours: Identify all Aperi'Solve deployments and their version numbers; immediately isolate or restrict network access to any instance running version <3.2.1 using firewall rules or network segmentation. Within 7 days: Upgrade Aperi'Solve to version 3.2.1 or later per vendor release; verify upgrade completion and test core functionality. Within 30 days: Conduct forensic audit of Aperi'Solve access logs for evidence of exploitation attempts or unauthorized command execution; review and remediate any Docker socket mount configurations or overprivileged container settings.

EUVD-2026-19361 CRITICAL

2026-04-06 GitHub_M

9.3

CVSS 4.0

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Lifecycle Timeline

Analysis Generated

Apr 06, 2026 - 16:45 vuln.today

EUVD ID Assigned

Apr 06, 2026 - 16:45 euvd

EUVD-2026-19361

CVE Published

Apr 06, 2026 - 16:16 nvd

CRITICAL 9.3

Description

Aperi'Solve is an open-source steganalysis web platform. Prior to 3.2.1, when uploading a JPEG, a user can specify an optional password to accompany the JPEG. This password is then directly passed into an expect command, which is then subsequently passed into a bash -c command, without any form of sanitization or validation. An unauthenticated attacker can achieve root-level RCE inside the worker container with a single HTTP request, enabling full read/write access to all user-uploaded images, analysis results, and plaintext steganography passwords stored on disk. Because the container shares a Docker network with PostgreSQL and Redis (no authentication on either), the attacker can pivot to dump the entire database or manipulate the job queue to poison results for other users. If Docker socket mounting or host volume mounts are present, this could escalate to full host compromise. This would also include defacement of the website itself. This vulnerability is fixed in 3.2.1.

Analysis

Unauthenticated remote code execution (RCE) at root level in Aperi'Solve <3.2.1 allows attackers to execute arbitrary commands via unsanitized password input in JPEG upload functionality. Attack requires no authentication (PR:N) and low complexity (AC:L), with CVSS 9.3 critical severity. …

Remediation

Within 24 hours: Identify all Aperi'Solve deployments and their version numbers; immediately isolate or restrict network access to any instance running version <3.2.1 using firewall rules or network segmentation. Within 7 days: Upgrade Aperi'Solve to version 3.2.1 or later per vendor release; verify upgrade completion and test core functionality. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.1

CVSS: +46

POC: 0

CVE-2026-34977 vulnerability details – vuln.today

Back

CVE-2026-34977

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Remediation

Analysis

Full analysis requires sign-in

Priority Score

Share

CVE-2026-34977

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Remediation

Full analysis requires sign-in

Priority Score

Share

External POC / Exploit Code