Lucene search

9 matches found

RedhatCVE
added 2026/01/07 9:11 a.m., 3 views

CVE-2025-64423

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. In Coolify versions up to and including v4.0.0-beta.434, a low privileged user member can see and use invitation links sent to an administrator. When they use the link before the legitimate recipie...

CVSS 7.7 | AI score 6.5 | EPSS 0.00061
Exploits: 1 | References: 1
NVD
added 2026/01/05 9:16 p.m., 2 views

CVE-2025-64423

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. In Coolify versions up to and including v4.0.0-beta.434, a low privileged user member can see and use invitation links sent to an administrator. When they use the link before the legitimate recipie...

CVSS 8.8 | EPSS 0.00061
Exploits: 1 | References: 1
Vulnrichment
added 2026/01/05 8:41 p.m., 3 views

CVE-2025-64423 Coolify has a Privilege Escalation - low privileged users can see and use admin invitation links

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. In Coolify versions up to and including v4.0.0-beta.434, a low privileged user member can see and use invitation links sent to an administrator. When they use the link before the legitimate recipie...

CVSS 7.7 | AI score 6.2 | EPSS 0.00061
Exploits: 1 | References: 1
OSV
added 2026/01/05 8:41 p.m., 3 views

CVE-2025-64423 Coolify has a Privilege Escalation - low privileged users can see and use admin invitation links

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. In Coolify versions up to and including v4.0.0-beta.434, a low privileged user member can see and use invitation links sent to an administrator. When they use the link before the legitimate recipie...

CVSS 7.7 | AI score 6.5 | EPSS 0.00061
Exploits: 1 | References: 3
CVE
added 2026/01/05 8:41 p.m., 7 views

CVE-2025-64423

Coolify CVE-2025-64423 affects the Web UI: in versions up to and including 4.0.0-beta.434, a low-privileged member can see and use admin invitation links, allowing login as an administrator if used before the legitimate recipient, i.e., privilege escalation. The Red Hat/NVD entries corroborate th...

CVSS 8.8 | AI score 6.2 | EPSS 0.00061
Exploits: 1 | References: 1 | Affected Software: 1
Vulnrichment
added 2026/01/05 7:42 p.m., 2 views

CVE-2025-64421 Coolify has a privilege escalation - low privileged user can invite themselves as an admin user

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. In Coolify versions up to and including v4.0.0-beta.434, a low privileged user member can invite a high privileged user. At first, the application will throw an error, but if the attacker clicks th...

CVSS 8.7 | AI score 6.2 | EPSS 0.00037
Exploits: 1 | References: 2
Cvelist
added 2026/01/05 7:42 p.m., 25 views

CVE-2025-64421 Coolify has a privilege escalation - low privileged user can invite themselves as an admin user

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. In Coolify versions up to and including v4.0.0-beta.434, a low privileged user member can invite a high privileged user. At first, the application will throw an error, but if the attacker clicks th...

CVSS 8.7 | EPSS 0.00037
Exploits: 1 | References: 2
CNNVD
added 2026/01/05 12:0 a.m., 2 views

Coolify security vulnerability

Coolify is an open source and self-hosted Heroku/Netlify/Vercel replacement from coolLabs Open Source. A security vulnerability exists in Coolify v4.0.0-beta.434 and earlier versions, which stems from a low-privileged user being able to use an invitation link sent to an administrator, potentially...

CVSS 8.8 | AI score 6.7 | EPSS 0.00061
Exploits: 1 | References: 1
Positive Technologies
added 2026/01/05 12:0 a.m., 5 views

PT-2026-1332

Name of the Vulnerable Software and Affected Versions Coolify versions up to and including 4.0.0-beta.434 Description Coolify is a self-hostable tool for managing servers, applications, and databases. A low privileged user member can view and utilize invitation links intended for administrators. ...

CVSS 7.7 | AI score 6.2 | EPSS 0.00061
Exploits: 1 | References: 4