virus logo Endpoint Vulnerability

Docker Desktop CVE-2025-9074 Authorization Bypass Vulnerability

description-logoDescription

Local Linux containers can reach the Docker Engine API on 192.168.65.7:2375, enabling privileged commands such as container control, image management, and host drive mounting on Docker Desktop (WSL backend).

affected-products-logoAffected Applications

Docker Desktop

Version Updates

Date Version Status Detail
2025-08-28 1.00903
New
 Docker Desktop

References

https://docs.docker.com/desktop/release-notes/#4443
ID 6232
Created Aug 28, 2025
Description
Updated		 Jan 16, 2026
CVE ID
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon
Coverage FortiClient
OS Windows
Vendor Docker
Patch manual
Application Docker Desktop