Lucene search
K

111 matches found

RedhatCVE
RedhatCVE
added 2026/01/06 6:5 p.m.7 views

CVE-2025-59158

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Coolify versions prior to and including v4.0.0-beta.420.6 are vulnerable to a stored cross-site scripting XSS attack in the project creation workflow. An authenticated user with low privileges e.g....

9.4CVSS5.6AI score0.00474EPSS
Exploits1References1
NVD
NVD
added 2026/01/05 6:15 p.m.6 views

CVE-2025-59158

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Coolify versions prior to and including v4.0.0-beta.420.6 are vulnerable to a stored cross-site scripting XSS attack in the project creation workflow. An authenticated user with low privileges e.g....

9.4CVSS0.00474EPSS
Exploits1References1
NVD
NVD
added 2026/01/05 6:15 p.m.7 views

CVE-2025-59157

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.420.7, the Git Repository field during project creation is vulnerable to command injection. User input is not properly sanitized, allowing attackers to inject arbitrary...

9.9CVSS0.01798EPSS
Exploits1References1
EUVD
EUVD
added 2026/01/05 5:44 p.m.5 views

EUVD-2025-206246

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Coolify versions prior to and including v4.0.0-beta.420.6 are vulnerable to a stored cross-site scripting XSS attack in the project creation workflow. An authenticated user with low privileges e.g....

9.4CVSS5.1AI score0.00474EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/01/05 5:41 p.m.27 views

CVE-2025-59157 Coolify has Git Repository RCE

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.420.7, the Git Repository field during project creation is vulnerable to command injection. User input is not properly sanitized, allowing attackers to inject arbitrary...

9.9CVSS0.01798EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/01/05 5:41 p.m.3 views

CVE-2025-59157 Coolify has Git Repository RCE

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.420.7, the Git Repository field during project creation is vulnerable to command injection. User input is not properly sanitized, allowing attackers to inject arbitrary...

9.9CVSS7.2AI score0.01798EPSS
Exploits1References1
OSV
OSV
added 2026/01/05 5:41 p.m.5 views

CVE-2025-59157 Coolify has Git Repository RCE

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.420.7, the Git Repository field during project creation is vulnerable to command injection. User input is not properly sanitized, allowing attackers to inject arbitrary...

9.9CVSS7.5AI score0.01798EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/01/05 12:0 a.m.5 views

Coolify 安全漏洞

Coolify is an open source and self-hosted Heroku/Netlify/Vercel replacement from coolLabs Open Source. A security vulnerability exists in Coolify v4.0.0-beta.420.6 and prior versions, which stems from the presence of stored cross-site scripting in the project creation process that could lead to t...

9.4CVSS6.5AI score0.00474EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/01/05 12:0 a.m.5 views

PT-2026-1314

Name of the Vulnerable Software and Affected Versions Coolify versions prior to 4.0.0-beta.420.7 Description Coolify is a self-hostable tool for managing servers, applications, and databases. A stored cross-site scripting XSS issue exists in the project creation workflow. An authenticated user wi...

9.4CVSS5.4AI score0.00474EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/01/05 12:0 a.m.6 views

PT-2026-1313

Name of the Vulnerable Software and Affected Versions Coolify versions prior to 4.0.0-beta.420.7 Description Coolify is a self-hostable tool for managing servers, applications, and databases. Versions of Coolify before 4.0.0-beta.420.7 contain a command injection flaw in the Git Repository field...

9.9CVSS7.8AI score0.01798EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2017-9173

Malware in sbrugna...

6.5CVSS6.5AI score0.00545EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-2153

Malware in sbrugna...

6.5CVSS6.9AI score0.0119EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-41672

Malicious code in bioql PyPI...

5.4CVSS5.8AI score0.00346EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-6992

Malicious code in bioql PyPI...

9.1CVSS9.3AI score0.01436EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2025-25910

Malicious code in bioql PyPI...

9.4CVSS6.5AI score0.00448EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-25912

Malicious code in bioql PyPI...

9.4CVSS6.4AI score0.03691EPSS
Exploits3References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-28625

Malicious code in bioql PyPI...

6.9CVSS6.6AI score0.00377EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/08/30 6:18 p.m.4 views

CVE-2025-34161

Coolify versions prior to v4.0.0-beta.420.7 are vulnerable to a remote code execution vulnerability in the project deployment workflow. The platform allows authenticated users, with low-level member privileges, to inject arbitrary shell commands via the Git Repository field during project creatio...

9.4CVSS8.8AI score0.03691EPSS
Exploits3References1
NVD
NVD
added 2025/08/27 5:15 p.m.11 views

CVE-2025-34157

Coolify versions prior to v4.0.0-beta.420.6 are vulnerable to a stored cross-site scripting XSS attack in the project creation workflow. An authenticated user with low privileges can create a project with a maliciously crafted name containing embedded JavaScript. When an administrator attempts to...

9.4CVSS0.00448EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2025/08/27 4:48 p.m.4 views

CVE-2025-34157

Coolify versions prior to v4.0.0-beta.420.6 are vulnerable to a stored cross-site scripting XSS attack in the project creation workflow. An authenticated user with low privileges can create a project with a maliciously crafted name containing embedded JavaScript. When an administrator attempts to...

9.4CVSS5.7AI score0.00448EPSS
Exploits0References4
Rows per page
Query Builder