A high-severity security vulnerability has been disclosed in Docker Engine that could permit an attacker to bypass authorization plugins (AuthZ) under specific circumstances.
The vulnerability, tracked as CVE-2026-34040 (CVSS score: 8.8), stems from an incomplete fix for CVE-2024-41110, a maximum-severity vulnerability in the same component that came to light in July 2024.
"



Source: TheHackerNews
Source Link: https://thehackernews.com/2026/04/docker-cve-2026-34040-lets-attackers.html