PT-2026-22939 · Docker · Docker Compose+2

Published: 2026-03-04 · Updated: 2026-05-25 · CVE-2025-15558

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Docker CLI versions through 29.1.5
Docker Compose versions 2.31.0 through 5.0.0

Description

The Docker CLI for Windows searches for plugin binaries in C:\ProgramData\Docker\cli-plugins, a directory that does not exist by default. An attacker with limited privileges can create this directory and place malicious CLI plugin binaries in it, such as docker-compose.exe or docker-buildx.exe. These binaries are then executed when a user opens Docker Desktop or uses Docker CLI plugin features. If the docker CLI is run with elevated privileges, this could lead to privilege escalation. The vulnerable code is in the github.com/docker/cli/cli-plugins/manager package, so the issue affects Windows binaries that use that package, including Docker Compose. The vulnerability was introduced in Docker Compose version 2.31.0.

Recommendations

Update Docker CLI to version 29.2.0 or later. Update Docker Compose to version 5.1.0 or later.
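
A read-only PowerShell audit of the plugin directory described above, added here as an example (it is not code from Docker or from this advisory). The list of trusted SIDs and the write-rights mask are assumptions to adjust for your environment.

```powershell
# Read-only audit of the machine-wide Docker CLI plugin directory (path from the advisory).
$PluginDir = 'C:\ProgramData\Docker\cli-plugins'

# Assumption: only these SIDs should be able to write here
# (SYSTEM, BUILTIN\Administrators, NT SERVICE\TrustedInstaller).
$Trusted = 'S-1-5-18', 'S-1-5-32-544',
           'S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464'

# Bits that allow planting or replacing a file: WriteData, AppendData,
# DeleteSubdirectoriesAndFiles, Delete, ChangePermissions, TakeOwnership,
# plus GENERIC_ALL and GENERIC_WRITE, which Get-Acl can return unmapped.
$WriteMask = 0x2 -bor 0x4 -bor 0x40 -bor 0x10000 -bor 0x40000 -bor 0x80000 -bor
             0x10000000 -bor 0x40000000
$SidType = [System.Security.Principal.SecurityIdentifier]
$InheritOnly = [int][System.Security.AccessControl.PropagationFlags]::InheritOnly

function Get-UntrustedWriter {
    param([Parameter(Mandatory)][string]$Path)
    $acl = Get-Acl -LiteralPath $Path
    $owner = $acl.GetOwner($SidType).Value
    if ($Trusted -notcontains $owner) { "OWNER    $owner owns $Path" }
    foreach ($ace in $acl.GetAccessRules($true, $true, $SidType)) {
        $sid = $ace.IdentityReference.Value
        if ($ace.AccessControlType -ne 'Allow' -or $Trusted -contains $sid) { continue }
        # Inherit-only entries apply to children, not to this directory itself.
        if (([int]$ace.PropagationFlags -band $InheritOnly) -ne 0) { continue }
        if (([int]$ace.FileSystemRights -band $WriteMask) -ne 0) {
            "WRITABLE $sid has $($ace.FileSystemRights) on $Path"
        }
    }
}

# If the directory is missing, whoever can write to its nearest existing
# ancestor can create it, so audit that ancestor instead.
$target = $PluginDir
while ($target -and -not (Test-Path -LiteralPath $target)) {
    $target = Split-Path -Path $target -Parent
}
if (-not $target) { throw "No existing ancestor found for $PluginDir" }
if ($target -ne $PluginDir) { "MISSING  $PluginDir (auditing $target)" }
Get-UntrustedWriter -Path $target

# List any plugin binaries already present, with their Authenticode status.
if (Test-Path -LiteralPath $PluginDir) {
    Get-ChildItem -LiteralPath $PluginDir -Filter *.exe -File | ForEach-Object {
        $sig = Get-AuthenticodeSignature -FilePath $_.FullName
        "PLUGIN   {0} signature={1} signer={2}" -f $_.Name, $sig.Status, $sig.SignerCertificate.Subject
    }
}
```

Any `WRITABLE` or `OWNER` line, or a `PLUGIN` line for a binary you did not install, is worth investigating on hosts still running an affected version.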

Fix

Uncontrolled Search Path Element

Weakness Enumeration

Related Identifiers

BIT-DOCKER-CLI-2025-15558
CVE-2025-15558
GHSA-P436-GJF2-799P
GO-2026-4610
OPENSUSE-SU-2026:10369-1
OPENSUSE-SU-2026:10684-1
SUSE-SU-2026:1042-1
ZDI-26-152

Affected Products

Docker CLI
Docker Compose
Docker Desktop