Security Advisory

CVE-2025-9164

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-10-27 13:53:40

Last updated 2026-02-26 16:57:05

Assigner Docker

State PUBLISHED

Description

Docker Desktop Installer.exe is vulnerable to DLL hijacking due to insecure DLL search order. The installer searches for required DLLs in the users Downloads folder before checking system directories, allowing local privilege escalation through malicious DLL placement.This issue affects Docker Desktop: through 4.48.0.

← Browse all CVEs View on cve.org ↗