CVE-2025-64424 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. In Coolify versions up to and including v4.0.0-beta.434, a c…
Critical CVSS: 9.4

CVE-2025-64424

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. In Coolify versions up to and including v4.0.0-beta.434, a command injection vulnerability exists in the git source input fields of a resource, allowing a low privileged user (member) to execute system commands as root on the Coolify instance. As of time of publication, it is unclear if a patch is available.
Vendor
Coollabs
Product
Coolify
CWE
CWE-77
Yayın Tarihi
2026-01-05 21:16:12
Güncelleme
2026-01-12 18:37:11
Source Identifier
security-advisories@github.com
KEV Date Added
-

Kategoriler

CWE-77 Coolify CRITICAL Coollabs 2026

Referanslar

https://drive.google.com/file/d/1rk7AYxNDkJUwo8uWbzX62PpBxpDYeyrZ/view?usp=drive_link https://github.com/coollabsio/coolify/security/advisories/GHSA-qx24-jhwj-8w6x https://github.com/coollabsio/coolify/security/advisories/GHSA-qx24-jhwj-8w6x