ZDI-CAN-28822 HIGH 8.8 Upcoming Jan 09, 2026

Docker

A high-severity privilege escalation vulnerability (CVSS 8.8) has been discovered in Docker, the widely used containerization platform. Exploitation requires local access and low-level privileges, but it can compromise system confidentiality, integrity, and availability across container boundaries. The attack requires no user interaction and can affect the broader system beyond the immediate container, making it a critical concern for any organization running Docker in multi-tenant or shared environments. Security teams should prioritize monitoring Docker deployments for exploitation attempts and prepare to apply patches once Docker releases a fix by the May 9, 2026 deadline.

Advisory Details
Researcher: Discovered by Nitesh Surana (niteshsurana.com) of Trend Research
Reported: January 09, 2026
Deadline: May 09, 2026
CVSS Vector: AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
