https://nvd.nist.gov/vuln/detail/CVE-2025-62725 allows a malicious OCI image used in docker-compose to write anywhere on the host filesystem. This has been fixed in docker-compose 2.40.2. We will release Rancher Desktop 1.20.1 with just an update to docker-compose to 2.40.3 and no other changes on Monday.