{"id":"CVE-2025-15558","details":"Docker CLI for Windows searches for plugin binaries in C:\\ProgramData\\Docker\\cli-plugins, a directory that does not exist by default. A low-privileged attacker can create this directory and place malicious CLI plugin binaries (docker-compose.exe, docker-buildx.exe, etc.) that are executed when a victim user opens Docker Desktop or invokes Docker CLI plugin features, and allow privilege-escalation if the docker CLI is executed as a privileged user.\n\nThis issue affects Docker CLI: through 29.1.5 and Windows binaries acting as a CLI-plugin manager using the  github.com/docker/cli/cli-plugins/manager https://pkg.go.dev/github.com/docker/cli@v29.1.5+incompatible/cli-plugins/manager  package, such as Docker Compose.\n\nThis issue does not impact non-Windows binaries, and projects not using the plugin-manager code.","aliases":["BIT-docker-cli-2025-15558","GHSA-p436-gjf2-799p","GO-2026-4610"],"modified":"2026-03-26T09:14:30.498170Z","published":"2026-03-04T17:16:14.763Z","related":["CGA-6mmj-5xc7-26c2","SUSE-SU-2026:1042-1","openSUSE-SU-2026:10369-1"],"references":[{"type":"ADVISORY","url":"https://www.zerodayinitiative.com/advisories/ZDI-CAN-28304/"},{"type":"ADVISORY","url":"https://docs.docker.com/desktop/release-notes/"},{"type":"FIX","url":"https://github.com/docker/cli/pull/6713"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/docker/cli","events":[{"introduced":"0"},{"last_affected":"0e6fee6c52f761dc79dc4bf712ea9fe4095c9bd2"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"29.1.5"}]}}],"versions":["v18.06.0-ce-rc1","v18.09.0-ce-tp0","v18.09.0-ce-tp3","v18.09.0-ce-tp4","v19.03.0-beta1","v19.03.0-beta2","v19.03.0-beta3","v20.10.0","v20.10.0-beta1","v20.10.0-rc1","v20.10.0-rc2","v20.10.1","v20.10.2","v22.06.0-beta.0","v23.0.0","v23.0.0-beta.1","v23.0.0-rc.1","v23.0.0-rc.2","v23.0.0-rc.3","v23.0.0-rc.4","v24.0.0-beta.1","v24.0.0-beta.2","v24.0.0-rc.1","v24.0.0-rc.2","v25.0.0","v25.0.0-beta.1","v25.0.0-beta.2","v25.0.0-beta.3","v25.0.0-rc.1","v25.0.0-rc.2","v25.0.0-rc.3","v26.0.0","v26.0.0-rc1","v26.0.0-rc2","v26.0.0-rc3","v26.1.0","v27.0.0-rc.1","v27.0.0-rc.2","v27.0.1","v27.0.1-rc.1","v28.0.0","v28.0.0-rc.1","v28.0.0-rc.2","v28.0.0-rc.3","v28.0.1","v28.0.2","v28.0.3","v28.0.4","v28.1.0","v28.1.0-rc.1","v28.1.0-rc.2","v28.1.1","v28.2.0","v28.2.0-rc.1","v28.2.0-rc.2","v28.2.1","v28.2.2","v28.3.0","v28.3.0-rc.1","v28.3.0-rc.2","v28.3.1","v28.3.2","v28.3.3","v29.0.0","v29.0.0-rc.1","v29.0.0-rc.2","v29.0.0-rc.3","v29.0.1","v29.0.2","v29.0.3","v29.0.4","v29.1.0","v29.1.0-rc.1","v29.1.1","v29.1.2","v29.1.3","v29.1.4","v29.1.5"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-15558.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"}]}