283087 matches found
CVE-2026-34167 Coolify: Cross-tenant activity log disclosure via unlocked Livewire property in ActivityMonitor
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, the ActivityMonitor Livewire component exposes a public $activityId property without Livewire's Locked attribute. It loads activities via Activity::find$this-activityId wit...
CVE-2026-34167
Coolify (open-source self-hosted) has a vulnerability in the ActivityMonitor Livewire component prior to version 4.0.0-beta.471: a public $activityId property is not protected with Livewire’s #[Locked] attribute, allowing any authenticated user to enumerate activity records across all teams and r...
CVE-2026-34049 Coolify: Command Injection via unsanitized MongoDB collection names in database backup
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. From 4.0.0-beta.451 through 4.0.0-beta.470, database backup handling for MongoDB collection names did not fully validate shell metacharacters, allowing a highly privileged attacker who can configur...
Langroid: Neo4jChatAgent executes LLM-generated Cypher without validation (prompt-to-Cypher injection; config-conditional RCE), mirroring the SQLChatAgent bug fixed in CVE-2026-25879
Neo4jChatAgent passes LLM-generated Cypher queries straight to the Neo4j driver with no validation, no statement-type allowlist, and no opt-out gate. The query text is influenceable by prompt injection direct user input or indirect content the agent reads back via RAG, so an attacker who can...
GHSA-2PQ5-3Q89-J7CC Langroid: Neo4jChatAgent executes LLM-generated Cypher without validation (prompt-to-Cypher injection; config-conditional RCE), mirroring the SQLChatAgent bug fixed in CVE-2026-25879
Neo4jChatAgent passes LLM-generated Cypher queries straight to the Neo4j driver with no validation, no statement-type allowlist, and no opt-out gate. The query text is influenceable by prompt injection direct user input or indirect content the agent reads back via RAG, so an attacker who can...
CVE-2026-34599
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, there is an authenticated command injection vulnerability in the GetLogs Livewire component which allows users with team membership lowest privilege member role to execute...
CVE-2026-34599 Coolify: Authenticated Remote Code Execution in GetLogs Livewire Component
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, there is an authenticated command injection vulnerability in the GetLogs Livewire component which allows users with team membership lowest privilege member role to execute...
EUVD-2026-41957
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, there is an authenticated command injection vulnerability in the GetLogs Livewire component which allows users with team membership lowest privilege member role to execute...
CVE-2026-34599
CVE-2026-34599 affects Coolify prior to 4.0.0-beta.471. An authenticated user with team membership can trigger command injection in the GetLogs Livewire component because the public property $container is interpolated directly into shell commands (docker logs, docker service logs) without sanitiz...
CVE-2026-42204
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. From 4.0.0-beta.471 through 4.0.0-beta.473, a regression in SHELLSAFECOMMANDPATTERN allowed ampersands in custom Docker Compose build, start, and pre/post-deployment command fields, allowing an...
CVE-2026-42204 Coolify: Authenticated RCE via SHELL_SAFE_COMMAND_PATTERN regression → host root
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. From 4.0.0-beta.471 through 4.0.0-beta.473, a regression in SHELLSAFECOMMANDPATTERN allowed ampersands in custom Docker Compose build, start, and pre/post-deployment command fields, allowing an...
CVE-2026-42204
Coolify CVE-2026-42204 affects the 4.0.0-beta.471 to 4.0.0-beta.473 releases, where a regression in the SHELL_SAFE_COMMAND_PATTERN allowed ampersands in custom Docker Compose build, start, and pre/post-deployment command fields. This enabled an authenticated team member to inject shell commands t...
EUVD-2026-41955
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. From 4.0.0-beta.471 through 4.0.0-beta.473, a regression in SHELLSAFECOMMANDPATTERN allowed ampersands in custom Docker Compose build, start, and pre/post-deployment command fields, allowing an...
CVE-2026-57572
Crawl4AI is an open-source LLM-friendly web crawler and scraper. Prior to 0.9.0, the Docker API server accepted request-supplied browserconfig.extraargs, which flowed into Chromium's launch arguments. An attacker could inject Chromium switches that replace a child-process launch command together...
CVE-2026-34038
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.469, an authenticated remote command injection vulnerability in application deployment handling allows users with application write permissions to achieve remote code execution...
CVE-2026-42148
Vulnerability summary (CVE-2026-42148) Coolify pre-4.0.0-beta.474 has a command injection flaw in the buildHelperImage path (app/Livewire/Settings/Index.php) where Docker build commands are constructed using the dev_helper_version field without shell escaping. In a development environment, an att...
CVE-2026-42148
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.474, the buildHelperImage method in app/Livewire/Settings/Index.php constructs a Docker build command using the devhelperversion field without shell escaping, allowing an attack...
CVE-2026-42148 Coolify: Command Injection via Unescaped Version String in Docker Build
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.474, the buildHelperImage method in app/Livewire/Settings/Index.php constructs a Docker build command using the devhelperversion field without shell escaping, allowing an attack...
EUVD-2026-41953
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.474, the buildHelperImage method in app/Livewire/Settings/Index.php constructs a Docker build command using the devhelperversion field without shell escaping, allowing an attack...
Linuxfabrik Monitoring Plugins have local privilege escalation using embedded command
Summary When a check plugin places user provided input inside a command which is passed to shellexec, an attacker can abuse this to run arbitrary commands. This is mainly dangerous for plugins which are listed in the sudoers file, because this allows an attacker controlling the nagios user to get...