VDB
DEBIAN-CVE-2026-34040
DEBIAN-CVE-2026-34040
PUBLISHED
CVSS 7.800000190734863 HIGH
Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that allows attackers to bypass authorization plugins (AuthZ). This issue has been patched in version 29.3.1.
Risk Scores
CVSS 3.1
7.800000190734863
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:13 | docker.io | *, *, 27.5.1+dfsg3-6 |
| Debian:14 | docker.io | 0, 26.1.5+dfsg1-10, 26.1.5+dfsg1-9 |
| Debian:11 | docker.io | 20.10.25+dfsg1, 20.10.5+dfsg1, 20.10.5+dfsg1 |
| Debian:12 | docker.io | 0, 20.10.24+dfsg1-1, 20.10.24+dfsg1-1+deb12u1 |
Exploit Intelligence
- m0nk3ygod/CVE-2026-34040-PoC (github-poc-repo)
- m0nk3ygod/CVE-2026-34040-PoC (github-poc)
- container.go (github-poc)
- cve_model.go (github-poc)
- pgedge-control-plane.trivyignore.yaml (github-poc)
- .trivyignore.yaml (github-poc)
- sec-build.yaml (github-poc)
- cli.rs (github-poc)
- CVE-2026-34040.yml (github-poc)
- CHANGELOG-v1.75.4.yml (github-poc)
…and 8 more exploits
Timeline
- Mar 31, 2026 CVE Published
- Apr 28, 2026 CVE Updated