Vulnerability Advisory
CVE-2026-34040
Docker Engine versions prior to 29.3.1 contain CVE-2026-34040 — a CVSS 8.8 authorization plugin bypass that allows attackers to send oversized HTTP requests to trick AuthZ plugins into granting access they would otherwise deny. Researchers at Cyera demonstrated that AI coding agents can discover and exploit this flaw autonomously to gain full host access, steal cloud credentials, and pivot into Kubernetes clusters.
Severity
high
CVSS Score
8.8 / 10
Published
Apr 7, 2026
Affected Products
- Docker Engine (Moby) — all versions prior to 29.3.1
- Docker Desktop — versions bundling Docker Engine prior to 29.3.1
- Any deployment using Docker AuthZ plugins, including OPA, Prisma Cloud, or custom policy plugins for container access control
Key Facts
- CVE-2026-34040 allows an attacker with low privileges to bypass Docker's AuthZ plugins by sending an oversized HTTP request — the plugin never sees the body and grants access it would otherwise deny
- Successful exploitation allows creating a privileged container, mounting the host filesystem, stealing cloud credentials, and accessing Kubernetes clusters and production servers
- This is an incomplete fix of CVE-2024-41110 — the same bug class has now been exploited twice in the same component
- Cyera researchers showed AI coding agents can discover and trigger this exploit autonomously without any human attacker involvement — patch to Docker Engine 29.3.1 immediately
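The key facts above describe the failure mode from the plugin's side: a body the daemon never forwarded falls through every check and the request is allowed. The following is an added example, not Docker's code or any vendor's AuthZ plugin, showing a lenient policy beside a fail-closed one over constructed sample requests. The request fields are a simplified stand-in for what an AuthZ plugin receives (method, URI, headers, body), and the policy rule (no privileged containers), the endpoint matching, and the sample specs are assumptions made for illustration; the "bypass" sample only simulates a declared-but-absent body, it is not the request the advisory refers to.

```python
"""Fail-closed decision logic for a Docker AuthZ plugin, as a constructed example.

Not Docker's code or a vendor plugin. Request shape is a simplified stand-in
for the AuthZ plugin request (method, URI, headers, body); the policy rule,
endpoint matching and sample requests are assumptions for illustration.
"""
import json
import re
from dataclasses import dataclass, field

# Docker API paths may carry a version prefix such as /v1.47/ (assumed pattern).
CREATE_RE = re.compile(r"^(/v[\d.]+)?/containers/create")


@dataclass
class AuthZRequest:
    method: str
    uri: str
    headers: dict = field(default_factory=dict)
    body: bytes = b""


def declared_length(headers):
    """Content-Length as the client declared it, or None if absent/unparseable."""
    for name, value in headers.items():
        if name.lower() == "content-length":
            try:
                return int(value)
            except ValueError:
                return None
    return None


def spec_is_privileged(spec):
    return bool(spec.get("HostConfig", {}).get("Privileged"))


def naive_decide(req):
    """Lenient policy: inspects the body when present, allows otherwise.

    This is the pattern the advisory describes: if the daemon never forwarded
    the body, no rule fires and the request is allowed.
    """
    if req.method == "POST" and CREATE_RE.match(req.uri) and req.body:
        if spec_is_privileged(json.loads(req.body)):
            return False, "privileged containers are not allowed"
    return True, ""


def hardened_decide(req):
    """Fail-closed policy: a body the plugin cannot fully inspect is a denial."""
    if req.method == "POST" and CREATE_RE.match(req.uri):
        declared = declared_length(req.headers)
        # A create call always carries a spec; an empty body means the daemon
        # did not forward it. A declared length that differs from what arrived
        # means it was truncated. Either way, deny rather than guess.
        if not req.body or (declared is not None and declared != len(req.body)):
            return False, "request body unavailable or incomplete; denied"
        try:
            spec = json.loads(req.body)
        except ValueError:
            return False, "request body is not valid JSON; denied"
        if spec_is_privileged(spec):
            return False, "privileged containers are not allowed"
    return True, ""


def make_create(spec, forward_body=True):
    """Build a constructed create request; forward_body=False simulates a body
    that was declared by the client but never reached the plugin."""
    raw = json.dumps(spec).encode()
    return AuthZRequest(
        method="POST",
        uri="/v1.47/containers/create",
        headers={"Content-Length": str(len(raw))},
        body=raw if forward_body else b"",
    )


# Constructed sample requests.
SAMPLE_BENIGN = make_create({"Image": "alpine", "Cmd": ["sh"]})
SAMPLE_PRIVILEGED = make_create({"Image": "alpine", "HostConfig": {"Privileged": True}})
SAMPLE_BYPASS = make_create({"Image": "alpine", "HostConfig": {"Privileged": True}},
                            forward_body=False)
SAMPLE_LIST = AuthZRequest(method="GET", uri="/v1.47/containers/json")


def run_samples():
    """Return {sample: (naive_allowed, hardened_allowed)} for all samples."""
    samples = {"benign": SAMPLE_BENIGN, "privileged": SAMPLE_PRIVILEGED,
               "bypass": SAMPLE_BYPASS, "list": SAMPLE_LIST}
    return {name: (naive_decide(r)[0], hardened_decide(r)[0])
            for name, r in samples.items()}


if __name__ == "__main__":
    for name, (naive_ok, hard_ok) in run_samples().items():
        print(f"{name:11s} naive={'allow' if naive_ok else 'deny':5s} "
              f"hardened={'allow' if hard_ok else 'deny'}")
```

The design point is in `hardened_decide`: the plugin treats "no body" and "body shorter than declared" as reasons to deny, so a request the daemon forwarded without its body is refused instead of silently passing. This hardens the plugin side only; the daemon-side fix is still to run Docker Engine 29.3.1 or later.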
Full Analysis
CVE-2026-34040: Docker AuthZ Plugin Bypass Lets Attackers Escape Containers and Gain Full Host Access — AI Agents Can Trigger It Automatically