CVE-2025-22605

Name of the Vulnerable Software and Affected Versions Coolify versions 4.0.0-beta.18 through 4.0.0-beta.252

Description A vulnerability in the execution of commands on remote servers allows an authenticated user to execute arbitrary code on the local Coolify container, gaining access to data and private keys or tokens of other users/teams. This gives authenticated attackers the ability to fully retrieve and control the data and availability of the software. Centrally hosted Coolify instances are especially at risk, as sensitive data of all users and connected servers can be leaked by any user. Attackers are also able to modify the running software, potentially deploying malicious images to remote nodes or changing its behavior.

Recommendations For versions 4.0.0-beta.18 through 4.0.0-beta.252, update to version 4.0.0-beta.253 to resolve the issue. As a temporary workaround, consider restricting access to the command execution feature on remote servers until the update is applied. Additionally, restrict access to sensitive data and private keys or tokens to minimize the risk of exploitation.