Asleep123

**Name of the Vulnerable Software and Affected Versions** Dokploy versions prior to 0.26.6 **Description** Dokploy is a self-hostable Platform as a Service (PaaS). Installations prior to version 0.26.6 utilize a hardcoded password within the installation script, specifically at the provided URL: ''https://dokploy.com/install.sh'', line 154, when creating the database container. This results in a consistent database credential across most Dokploy deployments, potentially leading to compromise. **Recommendations** Update to version 0.26.6 or later.