{"uuid": "5053d923-4129-4f50-9964-5ba8fe17f4df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2026-34040", "type": "published-proof-of-concept", "source": "https://t.me/thehackernews/8758", "content": "\ud83d\uded1 Docker fixed a flaw letting attackers bypass AuthZ plugins with a padded API request (>1MB).\n\nThe plugin sees no body and allows it, while Docker executes it\u2014creating a privileged container with host access and exposed credentials.\n\n\ud83d\udd17 Learn how this leads to full host compromise \u2192 https://thehackernews.com/2026/04/docker-cve-2026-34040-lets-attackers.html", "creation_timestamp": "2026-04-07T16:35:58.000000Z"}