CVE-2025-9164 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	UNKNOWN				---
Docker	CNA	---				---
CISA-ADP	ADP	---				---

Awaiting analysis

This vulnerability is currently awaiting analysis.

Base Score

CVSS 3.x

EPSS Score

Percentile: 1%

Common Weakness Enumeration

CWE-427 - Uncontrolled Search Path Element
The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors.

Vulnerability Media Exposure

[GERMAN] Docker Desktop: Windows-Installer für Ausführung von Schadcode anfällig
Eine aktualisierte Docker-Desktop-Version schließt unter anderem eine DLL-Hijacking-Lücke im Windows-Installer.
Published: 2025-10-28T09:20:00+00:00
[GERMAN] Docker Desktop: Schwachstelle ermöglicht Privilegieneskalation
Ein lokaler Angreifer kann eine Schwachstelle in Docker Desktop ausnutzen, um seine Privilegien zu erhöhen.
Published: 2025-10-27T23:00:00+00:00

References

https://docs.docker.com/desktop/release-notes/