The docker daemon runs as a privileged user, so if you're able to break out of the container (which has been shown possible recently) then you can compromise the entire host OS.
That was a runc vuln, which affected other conatinerization solutions on Linux, not just docker.
Also it didn't really have anything to do with the Docker daemon running as root, it was triggered by the use of root users in containers (blocked if the user didn't do that, had decent SELinux setups or used user namespaces)