Lucene search
K

Coolify Discloses 11 Critical Flaws Enabling Full Server Compromise on Self-Hosted Instances

🗓️ 08 Jan 2026 09:53:00Reported by The Hacker NewsType 
thn
 thn
🔗 thehackernews.com👁 7 Views

Coolify self hosted flaws enable authentication bypass and full server compromise via command injections.

Related
ReporterTitlePublishedViews
Family
GithubExploit
Exploit for Command Injection in Coollabs Coolify
1 Mar 202622:28
githubexploit
Circl
CVE-2025-59156
5 Jan 202619:06
circl
Circl
CVE-2025-59157
5 Jan 202618:21
circl
Circl
CVE-2025-59158
5 Jan 202619:06
circl
Circl
CVE-2025-64419
5 Jan 202620:25
circl
Circl
CVE-2025-64420
5 Jan 202620:25
circl
Circl
CVE-2025-64424
5 Jan 202622:07
circl
Circl
CVE-2025-66209
23 Dec 202509:00
circl
Circl
CVE-2025-66210
23 Dec 202509:00
circl
Circl
CVE-2025-66211
23 Dec 202509:00
circl
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation