CVE-2026-6406: CWE-863: Incorrect Authorization in Docker Docker Desktop
The Docker CLI --use-api-socket flag bypasses Enhanced Container Isolation (ECI) restrictions in Docker Desktop. When ECI is enabled, Docker socket mounts from containers are denied unless explicitly allowed via the admin-settings configuration. However, the --use-api-socket flag adds the Docker socket mount via the HostConfig.Mounts field rather than the HostConfig.Binds field. The ECI enforcement in the Docker Desktop API proxy only inspected Binds, allowing the mount to pass unchecked. This grants a container full access to the Docker Engine socket and, if the host user has logged in to container registries, their authentication credentials. A local attacker with the ability to run Docker CLI commands can exploit this to escape ECI restrictions, access the Docker Engine, and potentially escalate privileges.
AI Analysis
Technical Summary
The vulnerability arises from incorrect authorization in Docker Desktop's handling of socket mounts when the --use-api-socket flag is used. Enhanced Container Isolation (ECI) is designed to block Docker socket mounts from containers unless explicitly allowed via admin settings. However, the flag adds the socket mount via HostConfig.Mounts rather than HostConfig.Binds, and the ECI enforcement only inspects Binds. This oversight allows the mount to bypass ECI checks, granting the container full access to the Docker Engine socket and any stored authentication credentials of the host user. Exploitation requires local access with the ability to run Docker CLI commands.
Potential Impact
Successful exploitation allows a local attacker to bypass Docker Desktop's Enhanced Container Isolation, gaining full access to the Docker Engine socket. This can lead to privilege escalation and unauthorized access to container registry credentials stored by the host user. The vulnerability poses a significant risk to container isolation and host security.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, restrict local access to Docker CLI commands to trusted users only and monitor Docker Desktop updates from Docker for a patch addressing this issue.
CVE-2026-6406: CWE-863: Incorrect Authorization in Docker Docker Desktop
Description
The Docker CLI --use-api-socket flag bypasses Enhanced Container Isolation (ECI) restrictions in Docker Desktop. When ECI is enabled, Docker socket mounts from containers are denied unless explicitly allowed via the admin-settings configuration. However, the --use-api-socket flag adds the Docker socket mount via the HostConfig.Mounts field rather than the HostConfig.Binds field. The ECI enforcement in the Docker Desktop API proxy only inspected Binds, allowing the mount to pass unchecked. This grants a container full access to the Docker Engine socket and, if the host user has logged in to container registries, their authentication credentials. A local attacker with the ability to run Docker CLI commands can exploit this to escape ECI restrictions, access the Docker Engine, and potentially escalate privileges.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The vulnerability arises from incorrect authorization in Docker Desktop's handling of socket mounts when the --use-api-socket flag is used. Enhanced Container Isolation (ECI) is designed to block Docker socket mounts from containers unless explicitly allowed via admin settings. However, the flag adds the socket mount via HostConfig.Mounts rather than HostConfig.Binds, and the ECI enforcement only inspects Binds. This oversight allows the mount to bypass ECI checks, granting the container full access to the Docker Engine socket and any stored authentication credentials of the host user. Exploitation requires local access with the ability to run Docker CLI commands.
Potential Impact
Successful exploitation allows a local attacker to bypass Docker Desktop's Enhanced Container Isolation, gaining full access to the Docker Engine socket. This can lead to privilege escalation and unauthorized access to container registry credentials stored by the host user. The vulnerability poses a significant risk to container isolation and host security.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, restrict local access to Docker CLI commands to trusted users only and monitor Docker Desktop updates from Docker for a patch addressing this issue.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- Docker
- Date Reserved
- 2026-04-15T21:42:36.201Z
- Cvss Version
- 4.0
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 6a10ab43e1370fbb483c59b5
Added to database: 5/22/2026, 7:15:15 PM
Last enriched: 5/22/2026, 7:29:42 PM
Last updated: 5/23/2026, 7:43:13 PM
Views: 17
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.