Skip to main content

Arcane

2 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2026-23944 CRITICAL PATCH Act Now

Arcane Docker management interface prior to 1.13.2 has missing authentication, allowing unauthenticated attackers to manage Docker containers, images, and networks on the host.

Docker Arcane
NVD GitHub
CVSS 3.1
9.8
EPSS
0.2%
CVE-2026-23520 Go CRITICAL POC PATCH Act Now

Arcane Docker management tool before 1.13.0 has command injection in lifecycle labels. Container labels are passed to /bin/sh -c without sanitization, enabling RCE. PoC available.

Docker Command Injection Arcane Suse
NVD GitHub
CVSS 3.1
9.0
EPSS
0.0%
CVE-2026-23944
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

Arcane Docker management interface prior to 1.13.2 has missing authentication, allowing unauthenticated attackers to manage Docker containers, images, and networks on the host.

Docker Arcane
NVD GitHub
CVE-2026-23520 Go
EPSS 0% CVSS 9.0
CRITICAL POC PATCH Act Now

Arcane Docker management tool before 1.13.0 has command injection in lifecycle labels. Container labels are passed to /bin/sh -c without sanitization, enabling RCE. PoC available.

Docker Command Injection Arcane +1
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy