Main Vulnerability Database Exploits ID:12270 - Exploit for Permissions, Privileges, and Access Controls in Docker Desktop - CVE-2025-9074

ID:12270 - Exploit for Permissions, Privileges, and Access Controls in Docker Desktop - CVE-2025-9074

Published: January 9, 2026

Vulnerability identifier: #VU114330

Vulnerability risk: Medium

CVE-ID: CVE-2025-9074

CWE-ID: CWE-264

Exploitation vector: Remote access

Vulnerable software:
Docker Desktop

Link to public exploit:

https://github.com/Shaoshi17/CVE-2025-9074-Docker-Exploit

Vulnerability description

The vulnerability allows a malicious container to execute arbitrary code on the system.

The vulnerability exists due to improperly imposed security restrictions. A malicious container can access the Docker Engine and launch additional containers without requiring the Docker socket to be mounted, leading to unauthorized access to files on the host system.

Remediation

Install updates from vendor's website.

ID:12270 - Exploit for Permissions, Privileges, and Access Controls in Docker Desktop - CVE-2025-9074

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human