Docker released Desktop 4.74.0 on May 19, 2026 with a security update at the center: content hash validation now protects the Electron GUI on Mac and other platforms against local resource tampering. The two preceding releases (4.72.0 and 4.73.0, which patched CVE-2026-31431 and fixed an Apple Silicon memory leak) had also focused on stability and security. This release adds more: Gordon AI moves to general availability with new pricing tiers, Docker Extensions are disabled by default, and three Mac-specific bugs get resolved.
Security improvements and Mac bug fixes in 4.74.0
The most operationally disruptive bug fixed in this release affected the startup sequence. Docker Desktop’s own Electron helper processes (GPU, renderer, utility) were being incorrectly flagged as lingering processes and killed on launch when starting from the Start menu on Windows, causing a crash loop. The official release notes confirm the fix.
A second cross-platform fix addresses UI preference persistence: the “View build logs” toggle was not saving its state across restarts, which affected anyone relying on a configured workspace layout.
On the security side, the 4.74.0 introduces content hash validation for the Electron GUI. This is an integrity check against tampering with local GUI resources, a known attack class for desktop applications built on web runtimes. Docker has not filed a separate CVE for this, but it is a meaningful hardening step.
Mac users get three targeted fixes. The most notable: published ports were becoming inaccessible when a container was simultaneously connected to a Swarm overlay network and standard networks. Anyone running Docker Swarm locally or testing multi-network setups on macOS would have hit this. The update also resolves dashboard TLS failures in corporate environments with custom certificates or proxies, and extends the content hash validation to the Mac GUI.
Linux gains official support for Ubuntu 26.04.
Component updates: Docker Offload v0.5.89, Docker Agent v1.57.0, Credential Helpers v0.9.7.
Gordon AI in GA: what it means for developers
Gordon has been in beta since late 2025 as Docker’s built-in AI assistant. With 4.74.0 it reaches general availability, and Docker is introducing usage-based plans alongside the free tier.
The baseline is free: Gordon is included with every Docker account and requires only an active sign-in to Docker Desktop. The free plan operates under a shared usage limit. For heavier use, Docker offers two paid tiers: Gordon Plus at $9/month and Gordon Pro at $20/month, with Pro providing roughly double the usage capacity compared to the base plan. Precise request or token limits per tier are not documented publicly as of this writing.
Gordon requires Docker Desktop 4.74 or later and is enabled by default for signed-in users. Business subscription organizations can manage visibility through the Admin Console, where an administrator must set the feature to “Enabled” or “Always enabled.” To turn it off individually, the setting lives under Settings > AI in Docker Desktop.
The six core capabilities: Docker command and concept explanations, documentation search, Dockerfile generation and revision, container failure debugging via log analysis, and management of containers, images, volumes, and networks. Every action requires explicit approval before execution. The CLI surface is docker ai, available from any directory.
Docker Extensions disabled by default: practical impact
The change with the broadest day-to-day impact is the disabling of Docker Extensions by default. Extensions were the primary mechanism for integrating third-party tooling directly into the Docker Desktop UI: monitoring dashboards, database clients, volume managers, CI panels. They remain available, but off out of the box.
The release notes do not state an explicit reason, but the pattern matches a broader trend toward minimal-surface defaults in developer tooling. Fewer enabled features at installation means fewer potential attack vectors before a user has made an informed choice.
Re-enabling extensions takes a few clicks: Settings > Extensions > Enable Docker Extensions, then Apply. An additional option restricts usage to marketplace-reviewed extensions only (“Allow only extensions distributed through the Docker Marketplace”), which is worth considering if you want a middle ground.
Organizations managing Docker Desktop at scale through settings-store.json should check the extensionsEnabled key in their policy configuration.
Users who had extensions installed and active before upgrading to 4.74.0 may find them disabled after the update and will need to re-enable manually.
What to watch
Docker Desktop’s automatic update mechanism will pull 4.74.0 by default. If automatic updates are disabled, check the current version via Settings > Software Updates or docker version in the terminal.
The Gordon AI free plan usage limits are not granularly documented yet. Teams sharing a single Docker account who plan intensive use should monitor consumption in the first few weeks to assess whether a paid plan is warranted.
