Privilege Validation Bypass in Moby Container Framework
CVE-2026-33997

6.8 MEDIUM

Key Information:

Vendor: Moby

Status
Vendor
CVE Published: 31 March 2026

What is CVE-2026-33997?

A security issue has been identified in the Moby container framework in versions prior to 29.3.1 that allows an attacker to bypass privilege validation during the installation of Docker plugins. The vulnerability stems from a flaw in the daemon's privilege comparison logic, which may accept privilege sets that the user did not authorize. It affects plugins that request a single privilege, for which no validation check occurs at all. Moby has issued a fix in version 29.3.1 to address this issue.

Affected Version(s)

moby < 29.3.1

CVSS V3.1

Score: 6.8
Severity: MEDIUM
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: High
Privileges Required: None
User Interaction: Required
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved