CVE-2026-34040

HIGH

Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that allows attackers to bypass authorization plugins (AuthZ). This issue has been patched in version 29.3.1.

CVSS v3.1 Score

8.8

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Attack Vector

LOCAL

Complexity

LOW

Privileges

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Published: 3/31/2026Modified: 4/3/2026

Related Intelligence (0)

No articles currently reference this CVE.

References (2)

https://github.com/moby/moby/releases/tag/docker-v29.3.1Release Notes https://github.com/moby/moby/security/advisories/GHSA-x744-4wpc-v9h2Vendor Advisory