PT-2026-5045 · Dokploy · Dokploy

Asleep123 · Published 2026-01-28 · Updated 2026-02-02 · CVE-2026-24840

CVSS v3.1: 8.8 High

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Dokploy versions prior to 0.26.6
Description: Dokploy is a self-hostable Platform as a Service (PaaS). Installations prior to version 0.26.6 use a hardcoded password in the installation script (https://dokploy.com/install.sh, line 154) when creating the database container. As a result, most Dokploy deployments share the same database credential, potentially leading to compromise.
Recommendations: Update to version 0.26.6 or later.
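
An added example, not taken from the advisory or from Dokploy's code: a small audit that reports container environment flags in an installer script which pass a literal secret, the pattern the description refers to. The sample installer lines, the `demo-db` names and the `POSTGRES_*` variables are constructed assumptions and do not reproduce the contents of install.sh.

```shell
#!/bin/sh
# Added example (not Dokploy code): report container env flags in an installer
# script that pass a literal secret. Output is one "line:NAME" per finding.

find_literal_secrets() {
    # Reads the script named in $1, or stdin when no argument is given.
    awk '
    {
        rest = $0
        # Walk every -e/--env NAME=VALUE pair on the line.
        while (match(rest, /(-e|--env)[ =]+"?[A-Za-z_][A-Za-z0-9_]*=[^ ]+/)) {
            pair = substr(rest, RSTART, RLENGTH)
            rest = substr(rest, RSTART + RLENGTH)
            sub(/^(-e|--env)[ =]+"?/, "", pair)
            name = pair;  sub(/=.*/, "", name)
            value = pair; sub(/^[^=]*=/, "", value)
            # Only secret-looking variable names are of interest.
            if (name !~ /(PASSWORD|PASSWD|SECRET|TOKEN|KEY)/) continue
            # A value with a $ expansion is supplied at install time, not baked in.
            if (value ~ /\$/) continue
            print NR ":" name
        }
    }' "${1:--}"
}

# Constructed sample: the first service bakes the password into the script,
# the second generates one per installation.
sample_installer() {
    cat <<'EOF'
docker service create --name demo-db \
    --env POSTGRES_USER=demo \
    --env POSTGRES_PASSWORD=CONSTRUCTED-PLACEHOLDER \
    postgres:16
PW=$(openssl rand -hex 24)
docker service create --name demo-db2 \
    --env POSTGRES_PASSWORD="$PW" \
    postgres:16
EOF
}

sample_installer | find_literal_secrets
```

A finding means every host installed from that script shares the credential, so upgrading alone is worth following with a check of whether the existing database password was actually rotated.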

Exploit

Fix

Weakness Enumeration: Using Hardcoded Credentials

Related Identifiers: CVE-2026-24840, GHSA-JR65-3J3W-GJMC

Affected Products: Dokploy