A vulnerability, which was classified as critical , has been found in Docker Desktop up to 4.70.x . This impacts an unknown function of the file config.json of the component MLX Inference Backend . This manipulation of the argument model_file causes inclusion of functionality from untrusted control sphere. This vulnerability is registered as CVE-2026-5843 . The attack needs to be launched locally. No exploit is available. It is advisable to upgrade the affected component.