2459 matches found
CVE-2026-34037
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.464, the cloneTo Livewire action in ResourceOperations.php authorizes the source resource but resolves destination resources with unscoped Eloquent lookups, allowing an...
CVE-2026-34037 Cross-Tenant Resource Cloning via Broken Object-Level Authorization in cloneTo()
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.464, the cloneTo Livewire action in ResourceOperations.php authorizes the source resource but resolves destination resources with unscoped Eloquent lookups, allowing an...
CVE-2026-34037
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.464, the cloneTo Livewire action in ResourceOperations.php authorizes the source resource but resolves destination resources with unscoped Eloquent lookups, allowing an...
EUVD-2026-41996
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.464, the cloneTo Livewire action in ResourceOperations.php authorizes the source resource but resolves destination resources with unscoped Eloquent lookups, allowing an...
CVE-2026-34037
Coolify prior to v4.0.0-beta.464 is affected by a broken object-level authorization in cloneTo() within ResourceOperations.php. The action authenticates the source resource but resolves destination resources with unscoped Eloquent lookups, enabling cross-tenant cloning where an authenticated user...
CVE-2026-34037 Cross-Tenant Resource Cloning via Broken Object-Level Authorization in cloneTo()
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.464, the cloneTo Livewire action in ResourceOperations.php authorizes the source resource but resolves destination resources with unscoped Eloquent lookups, allowing an...
PT-2026-56259
Name of the Vulnerable Software and Affected Versions FastGPT versions 4.14.17 through 4.15.0-beta3 Description An authenticated tenant user can call the 'POST /api/core/dataset/collection/create/reTrainingCollection' endpoint to persist a datasetId value belonging to another tenant. This results...
PT-2026-56264
Name of the Vulnerable Software and Affected Versions FastGPT versions prior to v4.15.0-beta5 Description Two file handlers fail to verify if a requested S3 object key belongs to the caller's team. Since S3 object keys are global within a bucket and only include the tenant ID as a path segment, a...
CVE-2026-34167 Coolify: Cross-tenant activity log disclosure via unlocked Livewire property in ActivityMonitor
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, the ActivityMonitor Livewire component exposes a public $activityId property without Livewire's Locked attribute. It loads activities via Activity::find$this-activityId wit...
CVE-2026-34167
Coolify (open-source self-hosted) has a vulnerability in the ActivityMonitor Livewire component prior to version 4.0.0-beta.471: a public $activityId property is not protected with Livewire’s #[Locked] attribute, allowing any authenticated user to enumerate activity records across all teams and r...
CVE-2026-34167 Coolify: Cross-tenant activity log disclosure via unlocked Livewire property in ActivityMonitor
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, the ActivityMonitor Livewire component exposes a public $activityId property without Livewire's Locked attribute. It loads activities via Activity::find$this-activityId wit...
CVE-2026-12686
An authenticated user could manipulate a company ID parameter in a POST request to the backend to gain unauthorised access to other companies hosted within the same subdomain environment. The application does not adequately verify whether the requested company ID belongs to the authenticated user...
CVE-2026-12686
CVE-2026-12686 affects Adiss’s Biloop: an authenticated user can manipulate a company ID in a POST to the backend, bypassing cross-tenant authorization and gaining access to other companies’ data (including billing) and potentially modifying third-party data. Root cause is inadequate verification...
CVE-2026-12686
An authenticated user could manipulate a company ID parameter in a POST request to the backend to gain unauthorised access to other companies hosted within the same subdomain environment. The application does not adequately verify whether the requested company ID belongs to the authenticated user...
EUVD-2026-41860
An authenticated user could manipulate a company ID parameter in a POST request to the backend to gain unauthorised access to other companies hosted within the same subdomain environment. The application does not adequately verify whether the requested company ID belongs to the authenticated user...
CVE-2026-12686 Incorrect authorisation in Adiss’s Biloop
An authenticated user could manipulate a company ID parameter in a POST request to the backend to gain unauthorised access to other companies hosted within the same subdomain environment. The application does not adequately verify whether the requested company ID belongs to the authenticated user...
PT-2026-55915
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description An authenticated user can perform a cross-tenant authorization bypass by manipulating a company ID parameter in a POST request to the backend. The application...
CVE-2025-13475
In multi-tenanted deployments, the application consent management mechanism fails to correctly isolate consent scopes between tenants. Consent granted by a user for a specific SaaS application within one tenant can be incorrectly applied to SaaS applications with the same name in other tenants,...
CVE-2025-13475
Technical details about CVE-2025-13475 are not publicly available in the provided documents. Monitor for updates.
CVE-2025-13475
In multi-tenanted deployments, the application consent management mechanism fails to correctly isolate consent scopes between tenants. Consent granted by a user for a specific SaaS application within one tenant can be incorrectly applied to SaaS applications with the same name in other tenants,...