
Docker Desktop Vulnerability (CVE-2025-9074)

 


 

Service Advisory 


Docker has released security updates to address a vulnerability (CVE-2025-9074) that could potentially allow an attacker to break out of the confines of a container.

Severity level:
CVSS Score: 9.3/Critical.

Description:
Docker Desktop is a widely used containerization platform for Windows and macOS. CVE-2025-9074 is a critical vulnerability caused by Docker Desktop exposing its internal Docker Engine API at 192.168.65.7:2375 without authentication. This flaw allows a malicious container to access the Docker API and perform unauthorized actions such as launching new containers, mounting host drives, and modifying host files.

Affected Versions:
Docker Desktop for Windows before version 4.44.3.
Docker Desktop for macOS before version 4.44.3.

Impact:
Successful exploitation may result in container escape and arbitrary code execution on the host system with elevated privileges.

Resolution:
Please update to the following patched versions:
Docker Desktop 4.44.3 or later for Windows.
Docker Desktop 4.44.3 or later for macOS.
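
To find hosts still below the fixed release, the following added example (not part of the original advisory or Docker's own tooling) classifies an inventory against the 4.44.3 threshold. It assumes version strings in the form "Docker Desktop X.Y.Z (build)"; the host names and build numbers are constructed.

```python
import re

# Fixed release named in the advisory for both Windows and macOS.
PATCHED = (4, 44, 3)
AFFECTED_OS = {"windows", "macos"}

# Assumption: the version string contains "Docker Desktop X.Y.Z",
# optionally followed by a build number in parentheses.
_VERSION_RE = re.compile(r"Docker Desktop\s+(\d+)\.(\d+)\.(\d+)")


def parse_desktop_version(text):
    """Return (major, minor, patch), or None if no Docker Desktop version is found."""
    match = _VERSION_RE.search(text or "")
    return tuple(int(part) for part in match.groups()) if match else None


def classify(os_name, version_text):
    """Classify one host against the advisory's affected-version range."""
    version = parse_desktop_version(version_text)
    if version is None:
        return "unknown"        # nothing parsable: verify this host by hand
    if os_name.lower() not in AFFECTED_OS:
        return "not-listed"     # platform is not named in the advisory
    # Tuples compare numerically, so 4.9.0 sorts below 4.44.3;
    # a plain string comparison would get that case wrong.
    return "vulnerable" if version < PATCHED else "patched"


def audit(inventory):
    """Map host -> status for an iterable of (host, os_name, version_text)."""
    return {host: classify(os_name, text) for host, os_name, text in inventory}


# Constructed sample inventory (hypothetical hosts and build numbers).
SAMPLE = [
    ("lab-win-01", "Windows", "Docker Desktop 4.43.2 (100001)"),
    ("lab-mac-02", "macOS", "Docker Desktop 4.44.3 (100002)"),
    ("lab-win-03", "Windows", "Docker Desktop 4.9.0 (100003)"),
    ("lab-mac-04", "macOS", "Docker Desktop 4.45.0 (100004)"),
    ("lab-win-05", "Windows", ""),
]

if __name__ == "__main__":
    for host, status in audit(SAMPLE).items():
        print(f"{host}: {status}")
```
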

Reference:

https://nvd.nist.gov/vuln/detail/CVE-2025-9074

https://www.cyber.gc.ca/en/alerts-advisories/docker-security-advisory-av25-546

https://www.bleepingcomputer.com/news/security/critical-docker-desktop-flaw-lets-attackers-hijack-windows-hosts/

https://thehackernews.com/2025/08/docker-fixes-cve-2025-9074-critical.html

 

UIT Information Security

Contact

IT Client Services at askIT@yorku.ca or 416 736 5800

 

This email was sent by: York University, 4700 Keele Street, Toronto, Ontario M3J 1P3
