CVE-2026-2664
Received Received - Intake
Out-of-Bounds Read in grpcfuse Module Allows Local Exploit

Publication date: 2026-02-24

Last updated on: 2026-02-27

Assigner: Docker Inc.

Description
An out of bounds read vulnerability in the grpcfuse kernel module present in the Linux VM in Docker Desktop for Windows, Linux and macOS up to version 4.61.0 could allow a local attacker to cause an unspecified impact by writing to /proc/docker entries. The issue has been fixed inΒ Docker Desktop 4.62.0 .
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-24
Last Modified
2026-02-27
Generated
2026-06-16
AI Q&A
2026-02-24
EPSS Evaluated
2026-06-14
NVD
CVE-2026-2664
EUVD
EUVD-2026-7385
Affected Vendors & Products
Showing 3 associated CPEs
Vendor Product Version / Range
docker desktop to 4.62.0 (exc)
docker desktop to 4.62.0 (exc)
docker desktop to 4.62.0 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-125 The product reads data past the end, or before the beginning, of the intended buffer.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is an out of bounds read issue in the grpcfuse kernel module found in the Linux virtual machine used by Docker Desktop on Windows, Linux, and macOS up to version 4.61.0.

A local attacker could exploit this vulnerability by writing to /proc/docker entries, which could lead to an unspecified impact.

The vulnerability has been fixed in Docker Desktop version 4.62.0.

Impact Analysis

Exploiting this vulnerability could allow a local attacker to cause an unspecified impact on the affected system.

Since the exact impact is unspecified, it could range from information disclosure to system instability or other security issues related to the out of bounds read in the kernel module.

Compliance Impact

I don't know

Detection Guidance

I don't know

Mitigation Strategies

To mitigate this vulnerability, you should update Docker Desktop to version 4.62.0 or later, where the issue has been fixed.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-2664. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart