Docker Desktop 4.76.0: VM panic via unbounded recursion in grpcfuse mod
CVE-2026-8936 Published on June 2, 2026

Unbounded recursion in grpcfuse kernel module allows container to crash Docker Desktop VM
Fixed a VM panic caused by unbounded recursion in the grpcfuse kernel module when a container created deeply nested directories on a bind-mounted host folder and triggered a dentry invalidation event. This issue has been fixed in Docker Desktop 4.76.0.

NVD

Weakness Type

What is a Stack Exhaustion Vulnerability?

The product does not properly control the amount of recursion which takes place, consuming excessive resources, such as allocated memory or the program stack.

CVE-2026-8936 has been classified to as a Stack Exhaustion vulnerability or weakness.

Products Associated with CVE-2026-8936

Want to know whenever a new CVE is published for Docker Desktop? stack.watch will email you.

Docker Desktop

Affected Versions

Docker Desktop:

Version 4.33.0 and below 4.76.0 is affected.

Docker Desktop 4.76.0: VM panic via unbounded recursion in grpcfuse modCVE-2026-8936 Published on June 2, 2026

Weakness Type

What is a Stack Exhaustion Vulnerability?

Products Associated with CVE-2026-8936

Affected Versions

Docker Desktop 4.76.0: VM panic via unbounded recursion in grpcfuse mod
CVE-2026-8936 Published on June 2, 2026