Lucene search
K

6 matches found

NVD
NVD
added 2026/01/05 9:16 p.m.5 views

CVE-2025-64425

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. In Coolify versions up to and including v4.0.0-beta.434, an attacker can initiate a password reset for a victim, and modify the host header of the request to a malicious value. The victim will...

8.5CVSS0.00356EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/01/05 8:45 p.m.5 views

CVE-2025-64424 Colify has command injection vulnerability in project git source

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. In Coolify versions up to and including v4.0.0-beta.434, a command injection vulnerability exists in the git source input fields of a resource, allowing a low privileged user member to execute syst...

9.4CVSS7.3AI score0.0194EPSS
Exploits2References2
Cvelist
Cvelist
added 2026/01/05 8:41 p.m.29 views

CVE-2025-64423 Coolify has a Privilege Escalation - low privileged users can see and use admin invitation links

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. In Coolify versions up to and including v4.0.0-beta.434, a low privileged user member can see and use invitation links sent to an administrator. When they use the link before the legitimate recipie...

7.7CVSS0.00292EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/01/05 7:42 p.m.4 views

CVE-2025-64421 Coolify has a privilege escalation - low privileged user can invite themselves as an admin user

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. In Coolify versions up to and including v4.0.0-beta.434, a low privileged user member can invite a high privileged user. At first, the application will throw an error, but if the attacker clicks th...

8.7CVSS6.2AI score0.00253EPSS
Exploits1References2
EUVD
EUVD
added 2026/01/05 7:42 p.m.4 views

EUVD-2025-206239

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. In Coolify versions up to and including v4.0.0-beta.434, a low privileged user member can invite a high privileged user. At first, the application will throw an error, but if the attacker clicks th...

8.7CVSS6AI score0.00253EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/01/05 12:0 a.m.3 views

Coolify 安全漏洞

Coolify is an open source and self-hosted Heroku/Netlify/Vercel replacement from coolLabs Open Source. A security vulnerability exists in Coolify v4.0.0-beta.434 and prior versions, which originates in the host header of a modifiable password reset request and could lead to account takeover...

8.5CVSS6.6AI score0.00356EPSS
Exploits1References2
Rows per page
Query Builder