From f053f5b10ca4c0f2056945b7c181a07b0a2e2c09 Mon Sep 17 00:00:00 2001
From: Mathieu Champlon <mathieu.champlon@docker.com>
Date: Tue, 2 Jun 2026 17:12:09 +0200
Subject: [PATCH] docs: add CVE-2026-8936 security note to Desktop release
 notes

---
 content/manuals/desktop/release-notes.md | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/content/manuals/desktop/release-notes.md b/content/manuals/desktop/release-notes.md
index 2d8063cc9149..f1287332e606 100644
--- a/content/manuals/desktop/release-notes.md
+++ b/content/manuals/desktop/release-notes.md
@@ -45,6 +45,10 @@ For more frequently asked questions, see the [FAQs](/manuals/desktop/troubleshoo
 - [Docker Scout CLI v1.21.0](https://github.com/docker/scout-cli/releases/tag/v1.21.0)
 - `docker pass` v0.0.29
 
+### Security
+
+- Addressed [CVE-2026-8936](https://www.cve.org/CVERecord?id=CVE-2026-8936), a VM panic caused by unbounded recursion in the `grpcfuse` kernel module when a container created deeply nested directories on a bind-mounted host folder and triggered a `dentry` invalidation event.
+
 ### Bug fixes and enhancements
 
 #### For all platforms