Lucene search
K

5 matches found

NVD
NVD
added 2026/07/07 4:17 a.m.11 views

CVE-2026-34035

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.466, log drain secret and environment values were interpolated into shell commands without sufficient encoding, allowing an authenticated user to inject commands executed on the...

8.8CVSS0.0034EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/07/07 2:56 a.m.32 views

CVE-2026-34035 Coolify: Host RCE via Log Drain secret/env command injection

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.466, log drain secret and environment values were interpolated into shell commands without sufficient encoding, allowing an authenticated user to inject commands executed on the...

8.8CVSS0.0034EPSS
Exploits0References3
CVE
CVE
added 2026/07/07 2:56 a.m.10 views

CVE-2026-34035

CVE-2026-34035 affects Coolify. Prior to version 4.0.0-beta.466, log drain secret and environment values could be interpolated into shell commands without sufficient encoding, allowing an authenticated user to inject commands executed on the host. Resulting impact is host RCE with high severity. ...

8.8CVSS6AI score0.0034EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/07/07 2:56 a.m.7 views

CVE-2026-34035

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.466, log drain secret and environment values were interpolated into shell commands without sufficient encoding, allowing an authenticated user to inject commands executed on the...

8.8CVSS6AI score0.0034EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/07/07 2:56 a.m.2 views

CVE-2026-34035 Coolify: Host RCE via Log Drain secret/env command injection

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.466, log drain secret and environment values were interpolated into shell commands without sufficient encoding, allowing an authenticated user to inject commands executed on the...

8.8CVSS6AI score0.0034EPSS
Exploits0References5
Rows per page
Query Builder