Docker Desktop grpcfuse Kernel Module Out-Of-Bounds Read Information Disclosure Vulnerability

CVE-2026-2664 is a medium-severity information disclosure vulnerability in Docker Desktop that allows local attackers with low-privileged code execution to access sensitive information on affected systems. An attacker must already have the ability to run code locally on the target machine to exploit this flaw. Security teams should prioritize patching Docker Desktop installations and review access controls to limit who can execute code locally on systems running this software.