high Code Vulnerability
Docker Engine AuthZ Bypass — AI Agent Sandbox Escape Demonstrated
| CVE | CVE-2026-34040 |
| Severity | high |
| Status | open |
| Date | April 8, 2026 |
| Affects | Docker Engine before 29.3.1 |
| Source | thehackernews.com |
Details
Incomplete fix for CVE-2024-41110. When an API request body exceeds 1MB, the Docker middleware silently drops it before AuthZ plugin inspection, so the request is approved automatically. This lets attackers create privileged containers with host filesystem access. An AI coding agent (OpenClaw) was demonstrated being tricked via prompt injection into exploiting this flaw. Fix: Docker Engine 29.3.1.
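A fail-closed check that an authorization plugin could apply as defense in depth, as an added example that is not Docker's code or part of this advisory. It assumes the plugin is still called but sees an empty `RequestBody` when the body was dropped; the struct fields follow Docker's authorization plugin request and response, and the policy itself (deny privileged mode and bind mounts) is hypothetical.

```go
package main

import (
	"encoding/json"
	"fmt"
	"strings"
)

// Request holds the authorization plugin request fields this policy reads.
type Request struct {
	RequestMethod string
	RequestURI    string
	RequestBody   []byte
}

// Response is the plugin's verdict: Allow plus a human-readable Msg.
type Response struct {
	Allow bool
	Msg   string
}

// Authorize is a hypothetical policy: container creation must carry a body
// the plugin can inspect, and that body must not ask for host-level access.
func Authorize(r Request) Response {
	path, _, _ := strings.Cut(r.RequestURI, "?") // drop the query string
	if r.RequestMethod != "POST" || !strings.HasSuffix(path, "/containers/create") {
		return Response{true, "not a container create request"}
	}
	// Fail closed: a create request with no visible body cannot be evaluated.
	if len(r.RequestBody) == 0 {
		return Response{false, "container create without inspectable body"}
	}
	var spec struct {
		HostConfig struct {
			Privileged bool
			Binds      []string
		}
	}
	if err := json.Unmarshal(r.RequestBody, &spec); err != nil {
		return Response{false, "container create body is not valid JSON"}
	}
	if spec.HostConfig.Privileged || len(spec.HostConfig.Binds) > 0 {
		return Response{false, "privileged mode or host bind mounts not allowed"}
	}
	return Response{true, "ok"}
}

func main() {
	// Constructed sample: a create request whose body never reached the plugin.
	fmt.Println(Authorize(Request{"POST", "/v1.45/containers/create?name=demo", nil}))
}
```

A plugin check like this does not replace the upgrade to Docker Engine 29.3.1.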