PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-39848 10ij CVE debrief

CVE-2026-39848 is a vulnerability in the Dockyard Docker container management app that allows a remote attacker to cause a logged-in administrator's browser to request specific actions, potentially starting or stopping target containers. The vulnerability exists in the Dockyard app prior to version 1.1.0, where Docker container start and stop operations are performed through GET requests without CSRF protection. This vulnerability has a CVSS score of 6.5 and a severity rating of MEDIUM. The affected product is the Dockyard Docker container management app, and the vulnerability class is related to CSRF protection. The likely operational impact is that an attacker could potentially start or stop containers without authorization.

Vendor
10ij
Product
Dockyard
CVSS
MEDIUM 6.5
CISA KEV
Not listed in stored evidence
Original CVE published
2026-04-09
Original CVE updated
2026-07-08
Advisory published
2026-04-09
Advisory updated
2026-07-08

Who should care

Administrators and users of the Dockyard Docker container management app, especially those with administrative privileges, should be aware of this vulnerability and take necessary actions to update to version 1.1.0 or apply compensating controls. Operators of the Dockyard app, platform administrators, vulnerability management teams, and security teams should review the official advisory and CVE record to validate affected scope, severity, and vendor guidance.

Technical summary

The vulnerability exists in the Dockyard app prior to version 1.1.0, where Docker container start and stop operations are performed through GET requests without CSRF protection. An attacker can exploit this by causing a logged-in administrator's browser to request specific actions, such as starting or stopping containers. This could allow unauthorized control of containers. The CVSS score for this vulnerability is 6.5, with a severity rating of MEDIUM. Administrators should focus on updating to version 1.1.0 or applying compensating controls like CSRF protection for Docker container operations. Verification of affected scope and severity should be based on the official advisory and CVE record.

Defensive priority

Medium priority should be given to updating the Dockyard app to version 1.1.0 or applying compensating controls to mitigate the risk of this vulnerability. Defenders should focus on verifying the affected scope and severity based on the official advisory and CVE record, and implement CSRF protection for Docker container start and stop operations.

Recommended defensive actions

  • Update Dockyard to version 1.1.0 or later
  • Implement CSRF protection for Docker container start and stop operations
  • Monitor for suspicious container management activities
  • Restrict administrative access to the Dockyard app
  • Verify container management operations are properly authenticated and authorized

Evidence notes

The CVE record was published on 2026-04-09T22:16:34.407Z and last modified on 2026-07-08T14:42:35.487Z. The NVD entry is currently Analyzed. The vulnerability is fixed in version 1.1.0 of the Dockyard app. Evidence of the vulnerability's existence and impact is limited to the information provided in the CVE record and NVD entry. Defenders should verify the affected scope and severity based on the official advisory and CVE record. The Dockyard app's lack of CSRF protection for Docker container start and stop operations allows a remote attacker to cause a logged-in administrator's browser to request specific actions, potentially starting or stopping target containers.

Official resources

AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-04-09T22:16:34.407Z and has not been modified since then. The NVD entry is currently Analyzed.