CVE-2026-42306
HIGHDescription
Moby is an open source container framework. In Docker Engine prior to version 29.5.1, Docker Daemon versions 28.5.2 and prior, and Moby Daemon prior to version 2.0.0-beta.14, a race condition during docker cp mount setup allows a malicious container to redirect a bind mount target to an arbitrary host path, potentially overwriting host files or causing denial of service. This issue has been patched in Docker Engine version 29.5.1 and Moby Daemon version 2.0.0-beta.14.
CVSS v3.1 Score
EPSS — Exploit Prediction
EPSS estimates the probability that this vulnerability will be exploited in the wild within the next 30 days. A higher score means more likely to be exploited.
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| docker | engine |
| mobyproject | moby |
| mobyproject | moby\/v2 |
| mobyproject | moby\/v2 |
| mobyproject | moby\/v2 |
| mobyproject | moby\/v2 |
| mobyproject | moby\/v2 |
| mobyproject | moby\/v2 |
| mobyproject | moby\/v2 |
| mobyproject | moby\/v2 |
| mobyproject | moby\/v2 |
| mobyproject | moby\/v2 |
| mobyproject | moby\/v2 |
| mobyproject | moby\/v2 |
| mobyproject | moby\/v2 |
| mobyproject | moby\/v2 |
References
Advisories & Patches
Frequently Asked Questions
What is CVE-2026-42306? +
How severe is CVE-2026-42306? +
What products are affected by CVE-2026-42306? +
How do I check if I'm vulnerable to CVE-2026-42306? +
Related Vulnerabilities
Cargo incorrectly handled symlinks inside of crate tarballs downloaded from third-party registries, allowing a malicious crate to override the source …
Tunnelblick is an open source graphic user interface for OpenVPN on macOS. In versions 3.3beta26 through 9.0beta01, any local user …
`zip` is a zip library for rust which supports reading and writing of simple ZIP files. In the archive extraction …
Airlink's Daemon interfaces with Docker and the Panel to provide secure access for controlling instances via the Panel. In version …
A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of openSUSE Tumbleweed traefik2 allows the traefik user to escalate …
astral-tokio-tar is a tar archive reading/writing library for async Rust. In versions 0.5.3 and earlier of astral-tokio-tar, tar archives may …