Vulnerabilities ›

CVE-2025-64424

High ⚡ Exploit Available

Critical Command Injection in Coolify Server Management Platform Enables Root Access

CWE-77 — Weakness Type

                    Published: Jan 5, 2026                      ·  Modified: Feb 28, 2026                      ·  Source: NVD                

CVSS v3

8.8

🔗 NVD Official

📄 Description (English)

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. In Coolify versions up to and including v4.0.0-beta.434, a command injection vulnerability exists in the git source input fields of a resource, allowing a low privileged user (member) to execute system commands as root on the Coolify instance. As of time of publication, it is unclear if a patch is available.

🤖 AI Executive Summary

Coolify versions up to v4.0.0-beta.434 contain a command injection vulnerability in git source input fields that allows low-privileged users to execute arbitrary system commands as root. This vulnerability poses a critical risk to self-hosted Coolify deployments used for server and application management.

📄 Description (Arabic)

ثغرة حقن الأوامر في Coolify تسمح للمستخدمين ذوي الامتيازات المنخفضة بتنفيذ أوامر نظام عشوائية بصلاحيات جذر من خلال حقول إدخال مصدر Git. تؤثر الثغرة على جميع النسخ حتى v4.0.0-beta.434 ولم يتم تأكيد توفر تصحيح حتى وقت النشر.

🤖 ملخص تنفيذي (AI)

🤖 AI Intelligence Analysis Analyzed: May 1, 2026 10:17

🇸🇦 Saudi Arabia Impact Assessment

Saudi Relevance: high

🏢 Affected Saudi Sectors

government telecom energy banking

🎯 MITRE ATT&CK Techniques

T1190 T1059 T1548

⚖️ Saudi Risk Score (AI)

9.0

/ 10.0

🔧 Remediation Steps (English)

Immediately upgrade Coolify to a patched version beyond v4.0.0-beta.434 when available. Restrict access to Coolify instances to trusted users only, implement network segmentation to limit exposure, disable git-based deployments if not required, and monitor system logs for suspicious command execution patterns. Apply principle of least privilege to user accounts.

🔧 خطوات المعالجة (العربية)

قم بترقية Coolify فوراً إلى نسخة مصححة تتجاوز v4.0.0-beta.434 عند توفرها. قيد الوصول إلى مثيلات Coolify للمستخدمين الموثوقين فقط، وطبق تقسيم الشبكة لتقليل التعرض، وعطل النشر المستند إلى git إذا لم يكن مطلوباً، وراقب سجلات النظام للأنماط المريبة. طبق مبدأ الامتيازات الأقل للحسابات.

📋 Regulatory Compliance Mapping

🟢 NCA ECC 2024

A.7.1.1 A.7.1.2 A.9.2.1 A.9.4.3

🔵 SAMA CSF

ID.BE-1 PR.AC-1 PR.AC-4 DE.CM-1

🟡 ISO 27001:2022

A.5.1.1 A.6.1.1 A.7.1.1 A.9.2.1 A.9.4.3

🔗 References & Sources 3

🔗

https://drive.google.com/file/d/1rk7AYxNDkJUwo8uWbzX62PpBxpDYeyrZ/view?usp=drive_link

security-advisories@github.com

Exploit

🔗

https://github.com/coollabsio/coolify/security/advisories/GHSA-qx24-jhwj-8w6x

security-advisories@github.com

Exploit Vendor Advisory

🔗

https://github.com/coollabsio/coolify/security/advisories/GHSA-qx24-jhwj-8w6x

134c704f-9b21-4f2e-91b3-4a467353bcc0

Exploit Vendor Advisory

📦 Affected Products / CPE 50 entries

coollabs:coolify

coollabs:coolify:4.0.0

📊 CVSS Score

8.8

/ 10.0 — High

📊 CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack VectorN — None / Network

Attack ComplexityL — Low / Local

Privileges RequiredL — Low / Local

User InteractionN — None / Network

ScopeU — Unchanged

ConfidentialityH — High

IntegrityH — High

AvailabilityH — High

📋 Quick Facts

Severity High

CVSS Score8.8

CWECWE-77

EPSS0.47%

Exploit ✓ Yes

Patch ✓ Yes

Published 2026-01-05

Source Feed nvd

🇸🇦 Saudi Risk Score

9.0

/ 10.0 — Saudi Risk

Priority: HIGH

🏷️ Tags

exploit-available CWE-77

🏢 Vendor Advisories

🔗 https://github.com/coollabsio/coolify/security/advis... 🔗 https://github.com/coollabsio/coolify/security/advis...

⚡ Actions

🔗 NVD Official Page ⚡ Exploit-DB Search 🐙 GitHub PoC Search 🎯 MITRE ATT&CK 📊 CVE Details

💬 Comments

Loading comments

CVE-2025-64424

💬 Comments

Introduce Yourself

Sign In Required