📦 Coolify
by Coollabs
🛡️ Security Overview
⚠️ Known Vulnerabilities
This vulnerability allows remote command execution as root on Coolify instances when users create applications from malicious repositories using the docker compose build pack. Attackers can exploit un...
This vulnerability allows low-privileged users in Coolify to view the root user's private SSH key, enabling them to authenticate as root on the server. All Coolify instances running vulnerable version...
CVE-2025-59157 is a command injection vulnerability in Coolify's Git Repository field during project creation. Unauthenticated user input is not properly sanitized, allowing attackers to execute arbit...
CVE-2025-66209 is an authenticated command injection vulnerability in Coolify's Database Backup functionality. It allows users with application/service management permissions to execute arbitrary comm...
Coolify versions before v4.0.0-beta.420.6 contain a stored XSS vulnerability where authenticated users can inject malicious JavaScript into project names. When administrators interact with these proje...
This vulnerability allows any authenticated user in Coolify to attach existing private SSH keys to their own server configuration. If the attacker's server matches the victim's SSH configuration (IP/d...
This vulnerability in Coolify allows any authenticated user to escalate privileges to any role, including owner, and remove all other team members. Attackers can then access the Terminal feature to ex...
A command injection vulnerability in Coolify allows low-privileged users (members) to execute arbitrary system commands as root on the Coolify instance. This occurs through git source input fields in ...
In Coolify versions up to v4.0.0-beta.434, low-privileged users (members) can intercept and use administrator invitation links before the intended recipient. This allows privilege escalation to admini...
This vulnerability in Coolify allows attackers to hijack password reset emails by manipulating the host header. When victims click malicious reset links, their tokens are sent to attacker-controlled s...
This vulnerability allows low-privileged users in Coolify to invite themselves as administrators through a race condition exploit. By clicking the invite button twice, they can bypass authorization ch...
This vulnerability allows low-privileged users in Coolify to inject malicious Docker Compose directives during project creation or updates. By mounting the host filesystem through a crafted service, a...
This stored XSS vulnerability in Coolify allows authenticated low-privilege users to inject malicious JavaScript into project names. When administrators interact with these projects, the script execut...
CVE-2025-66210 is an authenticated command injection vulnerability in Coolify's Database Import functionality that allows users with application/service management permissions to execute arbitrary com...
Coolify versions before 4.0.0-beta.451 contain an authenticated command injection vulnerability in PostgreSQL initialization script filename handling. Users with application/service management permiss...
Coolify versions before 4.0.0-beta.451 contain an authenticated command injection vulnerability in Dynamic Proxy Configuration Filename handling. Users with application/service management permissions ...
CVE-2025-66213 is an authenticated command injection vulnerability in Coolify's File Storage Directory Mount Path functionality. It allows users with application/service management permissions to exec...
Coolify versions before v4.0.0-beta.420.7 contain a command injection vulnerability in the Git Repository field during project creation. Authenticated users with member privileges can execute arbitrar...
Coolify versions before 4.0.0-beta.359 contain a command injection vulnerability in project name handling that allows authenticated attackers to execute arbitrary shell commands on the host system. Th...
This vulnerability allows authenticated users in Coolify to execute arbitrary code on the Coolify container, potentially accessing sensitive data and private keys of other users/teams. Centrally hoste...
Coolify's login endpoint has a rate limit bypass vulnerability that allows attackers to perform unlimited credential stuffing and brute-force attacks against user and admin accounts. This affects all ...
Coolify versions up to v4.0.0-beta.420.8 have an API vulnerability that allows authenticated team members to access other users' email change verification codes. This could enable unauthorized email a...
Coolify versions before 4.0.0-beta.380 contain a reflected cross-site scripting (XSS) vulnerability in the tags search functionality. When a search returns no results, the search query is improperly r...
Coolify versions before 4.0.0-beta.361 have an authorization flaw where any authenticated user can revoke any team invitation by guessing predictable incremental IDs. This allows denial-of-service att...
This vulnerability allows any authenticated user in Coolify to access sensitive GitHub/GitLab configuration details (client ID, client secret, webhook secret) by simply knowing the UUID of the configu...
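Most entries above are the same bug class: a user-controlled string (git repository URL, project name, backup or import path, init-script or proxy-config filename, mount path) ends up inside a command line that a shell interprets. The example below is added here to show that class in the abstract; it is not Coolify's code (Coolify is a PHP/Laravel application, and its real fixes live there), and the allowlist patterns, the sample payloads and the `/srv/app` destination are assumptions chosen for the demo, not the project's actual validation rules. It contrasts a shell-string build with an argv build behind a validator, and tokenises the shell string the way a POSIX shell would so the second command becomes visible.

```python
"""Shell-string vs argv handling of a user-supplied git remote (added example,
not Coolify code; allowlist and payloads are assumptions for the demo)."""
import re
import shlex
import subprocess
from urllib.parse import urlsplit

# Assumed allowlist: https:// or ssh:// remotes with a bare host and a plain
# path, or scp-style user@host:owner/repo.git.  Shell metacharacters, spaces,
# query strings, embedded credentials and leading dashes all fail these.
_SCP_LIKE = re.compile(
    r"^[A-Za-z0-9][A-Za-z0-9._-]*@[A-Za-z0-9][A-Za-z0-9.-]*:[A-Za-z0-9._/-]+$"
)
_HOST = re.compile(r"^[A-Za-z0-9][A-Za-z0-9.-]*(:[0-9]{1,5})?$")
_PATH = re.compile(r"^/[A-Za-z0-9._/-]+$")


def validate_git_url(url: str) -> str:
    """Return url unchanged if it matches the allowlist, else raise ValueError."""
    if _SCP_LIKE.match(url):
        return url
    parts = urlsplit(url)  # urlsplit keeps ';params' in the path, so they get checked
    if parts.scheme not in ("https", "ssh"):
        raise ValueError(f"unsupported scheme in git remote: {url!r}")
    if not _HOST.match(parts.netloc) or not _PATH.match(parts.path):
        raise ValueError(f"unexpected characters in git remote: {url!r}")
    if parts.query or parts.fragment:
        raise ValueError(f"query/fragment not allowed in git remote: {url!r}")
    return url


def clone_command_string(url: str, dest: str) -> str:
    """The vulnerable shape: interpolate into one string and hand it to a shell."""
    return f"git clone {url} {dest}"


def shell_commands(cmd: str) -> list[list[str]]:
    """Tokenise cmd as a POSIX shell would and split on command separators,
    so the number of commands the string really contains is visible."""
    lexer = shlex.shlex(cmd, posix=True, punctuation_chars=True)
    lexer.whitespace_split = True
    commands, current = [], []
    for tok in lexer:
        if tok in (";", "|", "||", "&&", "&"):
            if current:
                commands.append(current)
            current = []
        else:
            current.append(tok)
    if current:
        commands.append(current)
    return commands


def clone_argv(url: str, dest: str) -> list[str]:
    """The safe shape: validate, then build an argv list.  '--' ends option
    parsing so the value can never be read as a git flag, and the list form of
    subprocess.run never consults a shell, so ';', '$(' and '`' are plain bytes."""
    return ["git", "clone", "--", validate_git_url(url), dest]


def run_clone(url: str, dest: str) -> subprocess.CompletedProcess:
    """Call shape for the real thing (not executed in the demo): no shell=True."""
    return subprocess.run(clone_argv(url, dest), check=True, capture_output=True)


if __name__ == "__main__":
    payload = "https://example.com/app.git;id"  # constructed sample payload
    print(shell_commands(clone_command_string(payload, "/srv/app")))
    try:
        clone_argv(payload, "/srv/app")
    except ValueError as exc:
        print("rejected:", exc)
```

Running the block prints two commands for the shell-string build (`git clone https://example.com/app.git` followed by `id /srv/app`) and a rejection for the argv build. The validator is deliberately strict; widen the patterns only for shapes you actually need, and keep the `--` and the list form regardless, since they are what protect the call when the validator is wrong.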
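The password-reset entry above is the classic host-header poisoning pattern: the application builds the reset link from the incoming `Host` (or `X-Forwarded-Host`) value, so a request carrying an attacker's host produces a mail whose link hands the token to the attacker when clicked. The block below is an added example and not Coolify's code (in Laravel the equivalent controls are the configured `APP_URL` and the `TrustHosts` middleware); `APP_URL`, the trusted-host set and the sample requests are assumptions for the demo. It shows the vulnerable builder next to one that derives the host from configuration, plus a request-level trusted-host gate.

```python
"""Password-reset links built from configuration, not from the request
(added example, not Coolify code; APP_URL and TRUSTED_HOSTS are assumptions)."""
from typing import Optional
from urllib.parse import urlencode, urlsplit, urlunsplit

APP_URL = "https://coolify.example.internal"  # assumed canonical base URL
TRUSTED_HOSTS = {"coolify.example.internal"}  # assumed allowlist


def reset_link_from_host_header(host_header: str, token: str) -> str:
    """Vulnerable shape: the link's host is whatever the client sent."""
    return f"https://{host_header}/reset-password?{urlencode({'token': token})}"


def host_is_trusted(host_header: str) -> bool:
    """Exact match on the host part only: strips an optional :port, rejects
    empty values and names that merely end with (or contain) a trusted host.
    Apply the same check to X-Forwarded-Host if your proxy setup uses it."""
    host = host_header.split(":", 1)[0].lower()
    return bool(host) and host in TRUSTED_HOSTS


def reset_link(token: str) -> str:
    """Safe shape: ignore the request entirely and build from APP_URL."""
    base = urlsplit(APP_URL)
    return urlunsplit(
        (base.scheme, base.netloc, "/reset-password", urlencode({"token": token}), "")
    )


def handle_reset_request(headers: dict, token: str) -> tuple[int, Optional[str]]:
    """Request-level gate: refuse untrusted Host values before any mail is
    built; otherwise return the canonical link that would go into the mail."""
    if not host_is_trusted(headers.get("Host", "")):
        return 400, None
    return 200, reset_link(token)


if __name__ == "__main__":
    token = "constructed-sample-token"
    print(reset_link_from_host_header("attacker.example", token))  # token leaks
    print(handle_reset_request({"Host": "attacker.example"}, token))
    print(handle_reset_request({"Host": "coolify.example.internal:443"}, token))
```

The gate and the config-derived link are independent defences: the gate stops the poisoned request early and the builder guarantees that even a request that slips past still produces a link to the real host.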