PT-2026-1336 · Coolify · Coolify

Published 2026-01-05 · Updated 2026-01-06 · CVE-2025-64425

CVSS v4.0: 8.5 (High)

Vector: AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
Name of the Vulnerable Software and Affected Versions: Coolify versions up to and including 4.0.0-beta.434

Description: Coolify is a self-hostable tool for managing servers, applications, and databases. An attacker can initiate a password reset for a victim while setting the Host header of the request to a value under the attacker's control. The victim then receives a password reset email whose link points at the attacker's server. If the victim clicks that link, the reset token is sent to the attacker, who can use it to change the victim's password and take over the account. The vulnerability lies in the handling of the Host header in a password reset request: the affected endpoint is the password reset functionality, and the vulnerable parameter is the Host header.

Recommendations: Versions prior to 4.0.0-beta.434 are affected. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
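As an added illustration (not Coolify's own code), the Python sketch below places the vulnerable pattern the description implies beside a hardened one: the reset link is built from a configured canonical URL rather than the request's Host header, a request whose Host is not on an allowlist is refused before any email is sent, and a small helper flags reset requests with an untrusted Host in constructed log lines. APP_URL, TRUSTED_HOSTS, the route paths and the log format are assumptions for this example.

```python
from typing import Optional
from urllib.parse import urlsplit, urlunsplit

# Constructed sample configuration (not taken from Coolify): the deployment's
# canonical public URL and the hostnames it is allowed to serve.
APP_URL = "https://coolify.example.internal"
TRUSTED_HOSTS = {"coolify.example.internal"}
RESET_LINK_PATH = "/reset-password/"     # hypothetical route, not Coolify's
RESET_REQUEST_PATH = "/forgot-password"  # hypothetical route, not Coolify's


def reset_link_from_host_header(host_header: str, token: str) -> str:
    """Vulnerable pattern: the link is built from the request's Host header,
    so whoever controls that header controls where the token is sent."""
    return f"https://{host_header}{RESET_LINK_PATH}{token}"


def reset_link_hardened(host_header: Optional[str], token: str) -> str:
    """Hardened pattern: the link is always built from the configured APP_URL,
    and a request whose Host header is not on the allowlist is rejected
    before any email is sent (ValueError)."""
    if host_header is not None:
        # urlsplit lower-cases the hostname and drops any :port suffix.
        host = urlsplit("//" + host_header).hostname
        if host not in TRUSTED_HOSTS:
            raise ValueError(f"untrusted Host header: {host_header!r}")
    base = urlsplit(APP_URL)
    return urlunsplit((base.scheme, base.netloc, RESET_LINK_PATH + token, "", ""))


def untrusted_reset_requests(log_lines):
    """Detection aid: return reset requests whose Host header is not on the
    allowlist. Constructed log format: '<ip> "<method> <path>" host=<Host>'."""
    hits = []
    for line in log_lines:
        if RESET_REQUEST_PATH not in line or "host=" not in line:
            continue
        host = urlsplit("//" + line.split("host=", 1)[1].strip()).hostname
        if host not in TRUSTED_HOSTS:
            hits.append(line)
    return hits


# Constructed sample log lines for the detection helper.
SAMPLE_LOG = [
    '203.0.113.7 "POST /forgot-password" host=coolify.example.internal',
    '203.0.113.9 "POST /forgot-password" host=attacker.example',
    '203.0.113.9 "GET /dashboard" host=attacker.example',
]
```

The same allowlist check belongs in front of every feature that emits absolute URLs from request data, not only password reset.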

Related Identifiers

CVE-2025-64425
GHSA-F737-2P93-G2CW

Affected Products

Coolify