Docker Desktop patch addresses critical security flaws enabling host compromise

August 25, 2025 at 05:53 PM

•

1 min read

Docker Desktop patch addresses critical security flaws enabling host compromise — Photo: The Hacker News

TL;DR Summary

Docker has released version 4.44.3 to fix a critical vulnerability (CVE-2025-9074) in Docker Desktop for Windows and macOS that could allow attackers to escape containers and gain full host access, with a CVSS score of 9.3. The flaw stems from unauthenticated access to the Docker Engine API, enabling malicious containers to compromise the host system, especially on Windows, while Linux remains unaffected.

Topics:technology #container-escape #cve-2025-9074 #docker #docker-desktop #security #security-vulnerability

Share this article

Docker Fixes CVE-2025-9074, Critical Container Escape Vulnerability With CVSS Score 9.3 The Hacker News
Docker Desktop Vulnerability Leads to Host Compromise SecurityWeek
Critical Docker Desktop flaw lets attackers hijack Windows hosts BleepingComputer
Docker Desktop bug let containers hop the fence with barely a nudge theregister.com
Update Docker Desktop: hackers can take over your Windows PC Cybernews

Reading Insights

Total Reads

Unique Readers

Time Saved

2 min

vs 3 min read

Condensed

89%

550 → 62 words

Want the full story? Read the original article

Read on The Hacker News

JavaScript Required

tl;dr daily news requires JavaScript to be enabled. Please enable JavaScript in your browser settings.

Related Sources

Reading Insights