Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
3DescriptionCVE.org
Zabbix Agent 2 Docker plugin does not properly sanitize the 'docker.container_info' parameters when forwarding them to the Docker daemon. An attacker capable of invoking Agent 2 can read arbitrary files from running Docker containers by injecting them via the Docker archive API.
AnalysisAI
The Zabbix Agent 2 Docker plugin contains an argument injection vulnerability in the 'docker.container_info' parameter handler that fails to properly sanitize user-supplied input before forwarding requests to the Docker daemon. An authenticated attacker who can invoke Agent 2 can exploit this flaw to read arbitrary files from running Docker containers by injecting malicious parameters through the Docker archive API, potentially exposing sensitive application data, credentials, and configuration files. While no CVSS score or EPSS data is currently available, and no indication of active exploitation in the wild has been reported, this represents a direct path to container escape and lateral movement for attackers with agent-level access.
Technical ContextAI
Zabbix Agent 2 (cpe:2.3:a:zabbix:zabbix) includes a Docker monitoring plugin that communicates with the Docker daemon API to collect container metrics and metadata. The vulnerability stems from CWE-88 (Argument Injection) in the parameter handling logic for the 'docker.container_info' function. When this function constructs requests to the Docker API—specifically the archive endpoint used to retrieve files from containers—it does not properly escape or validate user-supplied parameters. This allows an attacker to inject additional Docker API parameters that modify the intended query, such as injecting path traversal sequences or alternative archive paths. The Docker daemon, receiving these malformed requests, executes them with the privileges of the Zabbix agent process, typically running with elevated rights for monitoring purposes.
RemediationAI
Immediately apply the security patch released by Zabbix for CVE-2026-23924, available through the Zabbix support portal at https://support.zabbix.com/browse/ZBX-27642. Upgrade to the patched version of Zabbix Agent 2 once available. As an interim mitigation, restrict network and local access to Agent 2 listening ports to only trusted Zabbix server instances and administrative users; disable or isolate the Docker plugin if it is not actively required for monitoring. Additionally, review and audit which containers and hosts have the Zabbix agent deployed with Docker plugin enabled, and restrict the agent's Docker API socket permissions to the minimum necessary user/group. Monitor Zabbix agent logs for suspicious docker.container_info invocations with unusual parameters.
An issue was discovered in Appsmith before 1.52. Rated critical severity (CVSS 9.8), this vulnerability is remotely expl
runc through version 1.0-rc6 (used in Docker before 18.09.2) contains a container escape vulnerability that allows attac
Netmaker makes networks with WireGuard. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no a
Unauthenticated remote code execution in Marimo ≤0.20.4 allows attackers to execute arbitrary system commands via the `/
The News & Blog Designer Pack - WordPress Blog Plugin - (Blog Post Grid, Blog Post Slider, Blog Post Carousel, Blog Post
Docker 1.3.2 allows remote attackers to execute arbitrary code with root privileges via a crafted (1) image or (2) build
Remote code execution in NocoBase Workflow Script Node (npm @nocobase/plugin-workflow-javascript) allows authenticated l
Docker Desktop Community Edition before 2.1.0.1 allows local users to gain privileges by placing a Trojan horse docker-c
Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 25.2.169 and Application prior to version 2
An issue in Plone Docker Official Image 5.2.13 (5221) open-source software that could allow for remote code execution du
Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. Rated critical seve
Unauthenticated remote code execution in 9router (npm package) versions 0.4.30 through 0.4.36 allows network-adjacent at
Same technique Code Injection
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-14958
GHSA-xfvx-fm25-g3v4