{"api_version":"1","generated_at":"2026-07-13T10:04:39+00:00","cve":"CVE-2025-15558","urls":{"html":"https://cve.report/CVE-2025-15558","api":"https://cve.report/api/cve/CVE-2025-15558.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2025-15558","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2025-15558"},"summary":{"title":"Docker Desktop Docker Plugins Uncontrolled Search Path Element Local Privilege Escalation Vulnerability","description":"Docker CLI for Windows searches for plugin binaries in C:\\ProgramData\\Docker\\cli-plugins, a directory that does not exist by default. A low-privileged attacker can create this directory and place malicious CLI plugin binaries (docker-compose.exe, docker-buildx.exe, etc.) that are executed when a victim user opens Docker Desktop or invokes Docker CLI plugin features, and allow privilege-escalation if the docker CLI is executed as a privileged user.\n\nThis issue affects Docker CLI: through 29.1.5 and Windows binaries acting as a CLI-plugin manager using the  github.com/docker/cli/cli-plugins/manager https://pkg.go.dev/github.com/docker/cli@v29.1.5+incompatible/cli-plugins/manager  package, such as Docker Compose.\n\nThis issue does not impact non-Windows binaries, and projects not using the plugin-manager code.","state":"PUBLISHED","assigner":"Docker","published_at":"2026-03-04 17:16:14","updated_at":"2026-06-30 03:16:47"},"problem_types":["CWE-427","CWE-427 CWE-427 Uncontrolled Search Path Element","CWE-427 Uncontrolled Search Path Element"],"metrics":[{"version":"4.0","source":"security@docker.com","type":"Secondary","score":"7","severity":"HIGH","vector":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:X/RE:X/U:X","data":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:X/RE:X/U:X","baseScore":7,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"PASSIVE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NO","Recovery":"USER","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}},{"version":"4.0","source":"CNA","type":"CVSS","score":"7","severity":"HIGH","vector":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/AU:N/R:U","data":{"Automatable":"NO","Recovery":"USER","Safety":"NOT_DEFINED","attackComplexity":"LOW","attackRequirements":"NONE","attackVector":"LOCAL","baseScore":7,"baseSeverity":"HIGH","exploitMaturity":"NOT_DEFINED","privilegesRequired":"LOW","providerUrgency":"NOT_DEFINED","subAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","userInteraction":"PASSIVE","valueDensity":"NOT_DEFINED","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/AU:N/R:U","version":"4.0","vulnAvailabilityImpact":"HIGH","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnerabilityResponseEffort":"NOT_DEFINED"}},{"version":"3.1","source":"nvd@nist.gov","type":"Primary","score":"8","severity":"HIGH","vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H","baseScore":8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"}},{"version":"3.1","source":"ADP","type":"CVSS","score":"7.3","severity":"HIGH","vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H","data":{"attackComplexity":"LOW","attackVector":"LOCAL","availabilityImpact":"HIGH","baseScore":7.3,"baseSeverity":"HIGH","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"REQUIRED","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H","version":"3.1"}},{"version":"3.1","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","score":"7.3","severity":"HIGH","vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"}}],"references":[{"url":"https://www.zerodayinitiative.com/advisories/ZDI-CAN-28304/","name":"https://www.zerodayinitiative.com/advisories/ZDI-CAN-28304/","refsource":"security@docker.com","tags":["Not Applicable"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-15558.json","name":"https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-15558.json","refsource":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://github.com/docker/cli/pull/6713","name":"https://github.com/docker/cli/pull/6713","refsource":"security@docker.com","tags":["Issue Tracking","Patch"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/security/cve/CVE-2025-15558","name":"https://access.redhat.com/security/cve/CVE-2025-15558","refsource":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://docs.docker.com/desktop/release-notes/","name":"https://docs.docker.com/desktop/release-notes/","refsource":"security@docker.com","tags":["Release Notes"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2444574","name":"https://bugzilla.redhat.com/show_bug.cgi?id=2444574","refsource":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2025-15558","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-15558","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"Docker","product":"Docker CLI","version":"unaffected 29.2.0 semver","platforms":["Windows"]},{"source":"CNA","vendor":"Docker","product":"Compose","version":"unaffected 5.1.0 semver","platforms":["Windows"]},{"source":"ADP","vendor":"Red Hat","product":"Assisted Installer for Red Hat OpenShift Container Platform 2","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Builds for Red Hat OpenShift","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Gatekeeper 3","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Kernel Module Management Operator for Red Hat Openshift","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Machine Deletion Remediation Operator","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Multicluster Engine for Kubernetes","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Multicluster Global Hub","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"OpenShift Pipelines","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"OpenShift Serverless","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"OpenShift Service Mesh 2","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"OpenShift Service Mesh 3","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat Advanced Cluster Management for Kubernetes 2","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat Advanced Cluster Security 4","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat OpenShift AI (RHOAI)","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat OpenShift Dev Spaces","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat OpenShift for Windows Containers","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat OpenShift GitOps","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat OpenShift Virtualization 4","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat OpenStack Platform 16.2","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat OpenStack Platform 17.1","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat OpenStack Platform 18.0","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat Quay 3","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat Trusted Artifact Signer","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Security Profiles Operator","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Zero Trust Workload Identity Manager","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Zero Trust Workload Identity Manager - Tech Preview","version":"","platforms":[]}],"timeline":[{"source":"ADP","time":"2026-03-04T17:01:09.062Z","lang":"en","value":"Reported to Red Hat."},{"source":"ADP","time":"2026-03-04T16:14:32.045Z","lang":"en","value":"Made public."}],"solutions":[],"workarounds":[],"exploits":[],"credits":[{"source":"CNA","value":"Nitesh Surana (niteshsurana.com) of Trend Research of TrendAI","lang":"en"}],"nvd_cpes":[{"cve_year":"2025","cve_id":"15558","vulnerable":"1","versionEndIncluding":"29.1.5","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"docker","cpe5":"command_line_interface","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2025","cve_id":"15558","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"microsoft","cpe5":"windows","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":{"cve_year":"2025","cve_id":"15558","cve":"CVE-2025-15558","epss":"0.004720000","percentile":"0.374030000","score_date":"2026-07-02","updated_at":"2026-07-03 00:06:15"},"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"metrics":[{"other":{"content":{"id":"CVE-2025-15558","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"total"}],"role":"CISA Coordinator","timestamp":"2026-03-04T00:00:00+00:00","version":"2.0.3"},"type":"ssvc"}}],"providerMetadata":{"dateUpdated":"2026-03-05T04:55:47.099Z","orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP"},"title":"CISA ADP Vulnrichment"},{"affected":[{"cpes":["cpe:/a:redhat:assisted_installer:2"],"defaultStatus":"unaffected","product":"Assisted Installer for Red Hat OpenShift Container Platform 2","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:openshift_builds:1"],"defaultStatus":"unaffected","product":"Builds for Red Hat OpenShift","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:gatekeeper:3"],"defaultStatus":"unaffected","product":"Gatekeeper 3","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:kernel_module_management:2"],"defaultStatus":"unaffected","product":"Kernel Module Management Operator for Red Hat Openshift","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:workload_availability_mdr:0"],"defaultStatus":"unaffected","product":"Machine Deletion Remediation Operator","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:multicluster_engine"],"defaultStatus":"unaffected","product":"Multicluster Engine for Kubernetes","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:multicluster_globalhub"],"defaultStatus":"unaffected","product":"Multicluster Global Hub","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:openshift_pipelines:1"],"defaultStatus":"unaffected","product":"OpenShift Pipelines","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:serverless:1"],"defaultStatus":"unaffected","product":"OpenShift Serverless","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:service_mesh:2"],"defaultStatus":"unaffected","product":"OpenShift Service Mesh 2","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:service_mesh:3"],"defaultStatus":"unaffected","product":"OpenShift Service Mesh 3","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:acm:2"],"defaultStatus":"unaffected","product":"Red Hat Advanced Cluster Management for Kubernetes 2","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:advanced_cluster_security:4"],"defaultStatus":"unaffected","product":"Red Hat Advanced Cluster Security 4","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:openshift_ai"],"defaultStatus":"unaffected","product":"Red Hat OpenShift AI (RHOAI)","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:openshift:4"],"defaultStatus":"unaffected","product":"Red Hat OpenShift Container Platform 4","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:openshift_devspaces:3"],"defaultStatus":"unaffected","product":"Red Hat OpenShift Dev Spaces","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:windows_machine_config"],"defaultStatus":"unaffected","product":"Red Hat OpenShift for Windows Containers","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:openshift_gitops:1"],"defaultStatus":"unaffected","product":"Red Hat OpenShift GitOps","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:container_native_virtualization:4"],"defaultStatus":"unaffected","product":"Red Hat OpenShift Virtualization 4","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:openstack:16.2"],"defaultStatus":"unaffected","product":"Red Hat OpenStack Platform 16.2","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:openstack:17.1"],"defaultStatus":"unaffected","product":"Red Hat OpenStack Platform 17.1","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:openstack:18.0"],"defaultStatus":"unaffected","product":"Red Hat OpenStack Platform 18.0","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:quay:3"],"defaultStatus":"unaffected","product":"Red Hat Quay 3","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:trusted_artifact_signer:1"],"defaultStatus":"unaffected","product":"Red Hat Trusted Artifact Signer","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:openshift_security_profiles_operator:1"],"defaultStatus":"unaffected","product":"Security Profiles Operator","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:zero_trust_workload_identity_manager:1"],"defaultStatus":"unaffected","product":"Zero Trust Workload Identity Manager","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:zero_trust_workload_identity_manager:0"],"defaultStatus":"unaffected","product":"Zero Trust Workload Identity Manager - Tech Preview","vendor":"Red Hat"}],"datePublic":"2026-03-04T16:14:32.045Z","descriptions":[{"lang":"en","value":"A flaw was found in Docker CLI for Windows. A low-privileged attacker can exploit this vulnerability by creating a specific directory, C:\\ProgramData\\Docker\\cli-plugins, which does not exist by default. By placing malicious plugin binaries in this directory, an attacker can achieve privilege escalation when a victim user opens Docker Desktop or uses Docker CLI plugin features, provided the Docker CLI is executed with elevated privileges."}],"metrics":[{"other":{"content":{"namespace":"https://access.redhat.com/security/updates/classification/","value":"Important"},"type":"Red Hat severity rating"}},{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"LOCAL","availabilityImpact":"HIGH","baseScore":7.3,"baseSeverity":"HIGH","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"REQUIRED","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"format":"CVSS"}],"problemTypes":[{"descriptions":[{"cweId":"CWE-427","description":"Uncontrolled Search Path Element","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2026-06-30T02:43:33.267Z","orgId":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","shortName":"redhat-SADP"},"references":[{"tags":["vdb-entry","x_refsource_REDHAT"],"url":"https://access.redhat.com/security/cve/CVE-2025-15558"},{"name":"RHBZ#2444574","tags":["issue-tracking","x_refsource_REDHAT"],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2444574"},{"tags":["x_sadp-csaf-vex"],"url":"https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-15558.json"}],"timeline":[{"lang":"en","time":"2026-03-04T17:01:09.062Z","value":"Reported to Red Hat."},{"lang":"en","time":"2026-03-04T16:14:32.045Z","value":"Made public."}],"title":"docker/cli: Docker CLI for Windows: Privilege escalation via malicious plugin binaries","x_adpType":"supplier","x_generator":{"engine":"sadp-cli 1.0.0"}}],"cna":{"affected":[{"defaultStatus":"affected","platforms":["Windows"],"product":"Docker CLI","vendor":"Docker","versions":[{"status":"unaffected","version":"29.2.0","versionType":"semver"}]},{"defaultStatus":"unaffected","platforms":["Windows"],"product":"Compose","vendor":"Docker","versions":[{"status":"unaffected","version":"5.1.0","versionType":"semver"}]}],"credits":[{"lang":"en","type":"finder","value":"Nitesh Surana (niteshsurana.com) of Trend Research of TrendAI"}],"descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"<p>Docker CLI for Windows searches for plugin binaries in <code>C:\\ProgramData\\Docker\\cli-plugins</code>, a directory that does not exist by default. A low-privileged attacker can create this directory and place malicious CLI plugin binaries (docker-compose.exe, docker-buildx.exe, etc.) that are executed when a victim user opens Docker Desktop or invokes Docker CLI plugin features, and allow privilege-escalation if the <code>docker</code>&nbsp;CLI is executed as a privileged user.</p><p>This issue affects Docker CLI: through 29.1.5 and Windows binaries acting as a CLI-plugin manager using the <a target=\"_blank\" rel=\"nofollow\" href=\"https://pkg.go.dev/github.com/docker/cli@v29.1.5+incompatible/cli-plugins/manager\"><code>github.com/docker/cli/cli-plugins/manager</code></a>&nbsp;package, such as Docker Compose.</p><p>This issue does not impact non-Windows binaries, and projects not using the plugin-manager code.</p><p></p>"}],"value":"Docker CLI for Windows searches for plugin binaries in C:\\ProgramData\\Docker\\cli-plugins, a directory that does not exist by default. A low-privileged attacker can create this directory and place malicious CLI plugin binaries (docker-compose.exe, docker-buildx.exe, etc.) that are executed when a victim user opens Docker Desktop or invokes Docker CLI plugin features, and allow privilege-escalation if the docker CLI is executed as a privileged user.\n\nThis issue affects Docker CLI: through 29.1.5 and Windows binaries acting as a CLI-plugin manager using the  github.com/docker/cli/cli-plugins/manager https://pkg.go.dev/github.com/docker/cli@v29.1.5+incompatible/cli-plugins/manager  package, such as Docker Compose.\n\nThis issue does not impact non-Windows binaries, and projects not using the plugin-manager code."}],"impacts":[{"capecId":"CAPEC-38","descriptions":[{"lang":"en","value":"CAPEC-38 Leveraging/Manipulating Configuration File Search Paths"}]},{"capecId":"CAPEC-471","descriptions":[{"lang":"en","value":"CAPEC-471 Search Order Hijacking"}]},{"capecId":"CAPEC-640","descriptions":[{"lang":"en","value":"CAPEC-640 Inclusion of Code in Existing Process"}]}],"metrics":[{"cvssV4_0":{"Automatable":"NO","Recovery":"USER","Safety":"NOT_DEFINED","attackComplexity":"LOW","attackRequirements":"NONE","attackVector":"LOCAL","baseScore":7,"baseSeverity":"HIGH","exploitMaturity":"NOT_DEFINED","privilegesRequired":"LOW","providerUrgency":"NOT_DEFINED","subAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","userInteraction":"PASSIVE","valueDensity":"NOT_DEFINED","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/AU:N/R:U","version":"4.0","vulnAvailabilityImpact":"HIGH","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnerabilityResponseEffort":"NOT_DEFINED"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-427","description":"CWE-427 Uncontrolled Search Path Element","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2026-03-04T16:14:32.045Z","orgId":"686469e6-3ff6-451b-ab8b-cf5b9e89401e","shortName":"Docker"},"references":[{"url":"https://docs.docker.com/desktop/release-notes/"},{"tags":["third-party-advisory"],"url":"https://www.zerodayinitiative.com/advisories/ZDI-CAN-28304/"},{"tags":["patch"],"url":"https://github.com/docker/cli/pull/6713"}],"source":{"discovery":"EXTERNAL"},"title":"Docker Desktop Docker Plugins Uncontrolled Search Path Element Local Privilege Escalation Vulnerability","x_generator":{"engine":"Vulnogram 0.2.0"}}},"cveMetadata":{"assignerOrgId":"686469e6-3ff6-451b-ab8b-cf5b9e89401e","assignerShortName":"Docker","cveId":"CVE-2025-15558","datePublished":"2026-03-04T16:14:32.045Z","dateReserved":"2026-02-03T19:51:18.184Z","dateUpdated":"2026-06-30T02:43:33.267Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2026-03-04 17:16:14","lastModifiedDate":"2026-06-30 03:16:47","problem_types":["CWE-427","CWE-427 CWE-427 Uncontrolled Search Path Element","CWE-427 Uncontrolled Search Path Element"],"metrics":{"cvssMetricV40":[{"source":"security@docker.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:X/RE:X/U:X","baseScore":7,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"PASSIVE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NO","Recovery":"USER","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H","baseScore":8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.1,"impactScore":5.9},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.3,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-03-04T00:00:00+00:00","id":"CVE-2025-15558","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:docker:command_line_interface:*:*:*:*:*:*:*:*","versionEndIncluding":"29.1.5","matchCriteriaId":"C1EE5991-A4E4-4B51-BA38-91C8C71D0B75"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2025","CveId":"15558","Ordinal":"1","Title":"Docker Desktop Docker Plugins Uncontrolled Search Path Element L","CVE":"CVE-2025-15558","Year":"2025"},"notes":[{"CveYear":"2025","CveId":"15558","Ordinal":"1","NoteData":"Docker CLI for Windows searches for plugin binaries in C:\\ProgramData\\Docker\\cli-plugins, a directory that does not exist by default. A low-privileged attacker can create this directory and place malicious CLI plugin binaries (docker-compose.exe, docker-buildx.exe, etc.) that are executed when a victim user opens Docker Desktop or invokes Docker CLI plugin features, and allow privilege-escalation if the docker CLI is executed as a privileged user.\n\nThis issue affects Docker CLI: through 29.1.5 and Windows binaries acting as a CLI-plugin manager using the  github.com/docker/cli/cli-plugins/manager https://pkg.go.dev/github.com/docker/cli@v29.1.5+incompatible/cli-plugins/manager  package, such as Docker Compose.\n\nThis issue does not impact non-Windows binaries, and projects not using the plugin-manager code.","Type":"Description","Title":"Docker Desktop Docker Plugins Uncontrolled Search Path Element L"}]}}}