PT-2026-44932 · Dokploy · Dokploy

Davidcarliez

·

Published

2026-05-29

·

Updated

2026-05-29

·

CVE-2026-45628

CVSS v3.1

9.6

Critical

VectorAV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N
Name of the Vulnerable Software and Affected Versions Dokploy versions prior to 0.29.3
Description Dokploy constructs shell commands using JavaScript template literals and executes them via the child process.exec() function, which runs through /bin/sh -c. User-supplied data, specifically branch names, repository URLs, and Docker credentials, are interpolated directly into these commands without proper escaping. This allows an authenticated user with application create or edit privileges to perform command injection.
Recommendations Update to a version later than 0.29.2.

Exploit

Fix

RCE

Command Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-45628
GHSA-3FRC-CFH9-CH2C

Affected Products

Dokploy