CVE-2025-6587
Published 2025-07-03
CVE-2025-6587: System environment variables are recorded in Docker Desktop diagnostic logs when using shell auto-completion
Priority: P4 · CVSS 4.0 base score: 5.2 (medium)
EPSS: 0.13% (2.7th percentile)
System environment variables are recorded in Docker Desktop diagnostic logs when shell auto-completion is in use. Because developers routinely keep credentials in their shell environment, this leads to unintentional disclosure of sensitive information such as API keys, passwords, and similar secrets inside the diagnostics bundle.
A malicious actor with read access to these logs (for example, whoever receives an exported or uploaded diagnostics bundle) could obtain those secrets and use them to gain unauthorized access to other systems. Starting with version 4.43.0, Docker Desktop no longer logs system environment variables as part of diagnostics log collection.
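As an added example (not Docker's code and not part of the advisory): a small Python triage helper that does the two things a practitioner wants after reading the text above, namely check whether an installed Docker Desktop version falls in the affected range (below 4.43.0) and scan the text of a diagnostics bundle for environment-variable assignments with credential-like names, redacting the values so the triage report does not re-leak them. The KEY=VALUE line shape, the sensitive-name heuristic and the SAMPLE_LOG lines are assumptions and constructed data; the real layout of Docker Desktop diagnostic logs is not described on this page.

```python
"""Triage helper for CVE-2025-6587 (Docker Desktop diagnostics logging env vars).

Added example, not Docker's code. Assumptions not taken from the advisory:
  * environment variables dumped into a diagnostic log appear as KEY=VALUE
    tokens on a line (the real bundle layout is not documented on the page);
  * SAMPLE_LOG below is constructed for illustration.
"""
import re
from typing import Iterable, List, Tuple

# From the advisory: every Docker Desktop release below 4.43.0 is affected.
FIXED_VERSION = (4, 43, 0)

# Heuristic list of credential-like variable names (assumption, not exhaustive).
SENSITIVE_NAME = re.compile(
    r"SECRET|TOKEN|PASSWORD|PASSWD|API_?KEY|ACCESS_KEY|PRIVATE_KEY|CREDENTIAL",
    re.IGNORECASE,
)
# A KEY=VALUE token whose KEY is a conventional environment-variable name.
ENV_ASSIGNMENT = re.compile(r"\b([A-Za-z_][A-Za-z0-9_]*)=(\S+)")

# Constructed sample of what an env dump in a diagnostics log might look like.
SAMPLE_LOG = """\
2025-06-30T10:12:01Z info  com.docker.backend  collecting diagnostics
2025-06-30T10:12:02Z debug completion  env: HOME=/Users/dev SHELL=/bin/zsh
2025-06-30T10:12:02Z debug completion  env: AWS_SECRET_ACCESS_KEY=wJalrXUtnFEMI/K7MDENG DOCKER_HOST=unix:///var/run/docker.sock
2025-06-30T10:12:02Z debug completion  env: GITHUB_TOKEN=ghp_examplevalue0123 PATH=/usr/bin
"""


def parse_version(text: str) -> Tuple[int, int, int]:
    """'4.42.1' -> (4, 42, 1). Pads missing components with 0 and drops a
    trailing build tag ('4.42.1-rc1' -> (4, 42, 1))."""
    parts = [int(p) for p in text.strip().split("-")[0].split(".")]
    while len(parts) < 3:
        parts.append(0)
    return tuple(parts[:3])


def is_affected(version: str) -> bool:
    """True when the installed Docker Desktop is in the advisory's range (< 4.43.0)."""
    return parse_version(version) < FIXED_VERSION


def redact(value: str) -> str:
    """Keep a four-character prefix so a finding is recognisable without
    re-leaking the secret into the triage report."""
    return value[:4] + "..." if len(value) > 4 else "..."


def find_secret_env_lines(lines: Iterable[str]) -> List[Tuple[int, str, str]]:
    """Return (line_no, var_name, redacted_value) for every KEY=VALUE token
    whose KEY looks like a credential. Line numbers start at 1."""
    findings = []
    for n, line in enumerate(lines, 1):
        for name, value in ENV_ASSIGNMENT.findall(line):
            if SENSITIVE_NAME.search(name):
                findings.append((n, name, redact(value)))
    return findings


def triage(version: str, log_text: str) -> dict:
    """Combine both checks into one report for a host."""
    findings = find_secret_env_lines(log_text.splitlines())
    return {
        "version": version,
        "affected": is_affected(version),
        "leaked_vars": [name for _, name, _ in findings],
        "findings": findings,
    }


if __name__ == "__main__":
    report = triage("4.42.1", SAMPLE_LOG)
    state = "AFFECTED" if report["affected"] else "fixed"
    print(f"Docker Desktop {report['version']}: {state}")
    for line_no, name, value in report["findings"]:
        print(f"  line {line_no}: {name}={value}  -> rotate this credential")
```

Run it against the text files of an exported diagnostics bundle rather than the constructed sample. The advisory says 4.43.0 stops the logging going forward; it says nothing about bundles already collected or shared, so every hit in an existing bundle is a credential to rotate, not just a log line to delete.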
Affected (1 range)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| docker | docker_desktop | < 4.43.0 | 4.43.0 |
CVSS provenance
NVD (CVSS v4.0): 5.2 MEDIUM
Vector: CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Reading the vector: local access with low privileges and no user interaction, an attack requirement present (the attacker needs to reach the diagnostic logs), no direct impact on the vulnerable Docker Desktop host (VC:N/VI:N/VA:N), but high confidentiality, integrity and availability impact on subsequent systems (SC:H/SI:H/SA:H), which matches the description: the leaked secrets unlock other systems, not the host that logged them.
GHSA: 7.5 HIGH (note that the GHSA record for this CVE listed below rates it MEDIUM)
GHSA (related entry for a different CVE, CVE-2026-6587)
RAGAS has SSRF via Multi-Modal Faithfulness Collections Module
ghsa · 2026-04-20 · CVSS 7.5 · HIGH · CWE-918 (Server-Side Request Forgery)
A security flaw has been discovered in vibrantlabsai RAGAS up to 0.4.3. The affected element is the function _try_process_local_file/_try_process_url in the file src/ragas/metrics/collections/multi_modal_faithfulness/util.py of the Collections Module component. Manipulating the retrieved_contexts argument results in server-side request forgery. The attack can be initiated remotely. The exploit has been released to the public and may be used for attacks. The security patch for CVE-2025-45691 was applied to a different module only. The vendor was contacted early about this disclosure but did not respond in any way.
GHSA
GHSA-qj23-w8jm-w8wv: System environment variables are recorded in Docker Desktop diagnostic logs, when using shell auto-completion
ghsa_unreviewed · 2025-07-03 · CVE-2025-6587 · MEDIUM · CWE-532 (Insertion of Sensitive Information into Log File)
No detection rules found.
No public exploits indexed.
Published: 2025-07-03