24/02/2026

ZDI-26-123: Docker Desktop MCP Server Cleartext Storage of Sensitive Information Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Docker Desktop. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 5.5.

Comments are closed.

You may also like

ZDI-25-698: Avast Cleanup Premium TuneupSvc Link Following Local Privilege Escalation Vulnerability

ZDI-25-1095: Fortinet FortiSandbox names admindel_confirm Command Injection Remote Code Execution Vulnerability