Vulnerabilities

CVE-2025-9164

by Fred · 27/10/2025

Docker Desktop Installer.exe is vulnerable to DLL hijacking due to insecure DLL search order. The installer searches for required DLLs in the user’s Downloads folder before checking system directories, allowing local privilege escalation through malicious DLL placement.This issue affects Docker Desktop: through 4.48.0.

More information : https://docs.docker.com/desktop/release-notes/

Similar

Tags: Cybersecurity Alert