high advisory

Moby Authorization Plugin Bypass Vulnerability (CVE-2026-34040)

A security vulnerability in Moby (prior to v29.3.1) allows attackers to bypass authorization plugins, potentially leading to unauthorized container access and privilege escalation.

Moby is an open-source container framework widely used in containerization deployments. A critical security vulnerability, identified as CVE-2026-34040, affects Moby versions prior to 29.3.1. This flaw enables attackers to bypass configured authorization plugins (AuthZ), potentially granting them unauthorized access to container resources and functionalities. Successful exploitation could lead to privilege escalation within the container environment, allowing attackers to execute arbitrary…

Detection coverage (2)

Detect Moby AuthZ Bypass Attempt

high

Detects potential attempts to bypass authorization plugins in Moby by monitoring API requests.

sigma | tactics: defense_evasion, privilege_escalation | techniques: T1068 | sources: webserver, linux

Detect Moby API Request to Bypass Authorization

medium

Detects API requests targeting sensitive container operations without proper authorization headers, indicating a potential bypass attempt.

sigma | tactics: defense_evasion, privilege_escalation | techniques: T1068 | sources: webserver, linux


Indicators of compromise

1 email
1 url