CVE-2026-14784
Received
Received - Intake
Sandbox Escape in vxcontrol PentAGI via Docker API
Vulnerability report for CVE-2026-14784, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.
Publication date: 2026-07-06
Last updated on: 2026-07-06
Assigner: VulDB
Description
Description
A vulnerability was identified in vxcontrol PentAGI up to 2.1.0. This affects an unknown function of the file backend/pkg/docker/client.go of the component Docker API. The manipulation leads to sandbox issue. The attack may be initiated remotely. The pull request to fix this issue awaits acceptance.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| vxcontrol | pentagi | to 2.1.0 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-265 | |
| CWE-264 | Permissions, Privileges, and Access Controls |