PT-2026-56020 · Coolify · Coolify
Joshuaalwin
·
Published
2026-07-06
·
Updated
2026-07-06
·
CVE-2026-34599
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Coolify versions prior to 4.0.0-beta.471
Description
An authenticated command injection exists in the GetLogs Livewire component. Users with team membership, including those with the lowest privilege role, can execute arbitrary commands as root on managed servers. This occurs because the
$container Livewire public property is interpolated directly into shell commands, such as docker logs and docker service logs, without proper sanitization. Furthermore, the property lacks the #[Locked] attribute, allowing it to be modified by any client via the Livewire wire protocol.Recommendations
Update to version 4.0.0-beta.471.
Fix
OS Command Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Coolify