Lucene search
+L

4 matches found

nvd
nvd
added 2026/07/07 4:17 a.m.10 views

CVE-2026-34047

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, terminal WebSocket bootstrap routes did not enforce the expected authorization middleware, allowing an authenticated user to access terminal functionality for resources...

9.9CVSS0.00373EPSS
Exploits0References4
attackerkb
attackerkb
added 2026/07/07 3:19 a.m.7 views

CVE-2026-34048

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, terminal websocket bootstrap routes only check authentication and do not enforce terminal authorization, allowing a low-privileged team member to connect to terminal routes...

9.9CVSS6AI score0.00405EPSS
Exploits0References4Affected Software1
cvelist
cvelist
added 2026/07/07 3:19 a.m.33 views

CVE-2026-34048 Coolify: Missing authorization on terminal websocket bootstrap routes allows low-privileged members to execute commands on team servers

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, terminal websocket bootstrap routes only check authentication and do not enforce terminal authorization, allowing a low-privileged team member to connect to terminal routes...

9.9CVSS0.00405EPSS
Exploits0References3
cve
cve
added 2026/07/07 3:19 a.m.19 views

CVE-2026-34048

CVE-2026-34048 concerns Coolify prior to 4.0.0-beta.471, where terminal websocket bootstrap routes failed to enforce terminal authorization, only checking authentication. This allowed a low-privileged team member to connect to terminal routes and execute commands on team servers. The issue is fix...

9.9CVSS6AI score0.00405EPSS
Exploits0References3
Rows per page
Query Builder