Vulnerabilities
CVE-2025-64419 - Coolify vulnerable to command injection via docker-compose.yaml parameters - Expert Insights
CVE ID : CVE-2025-64419 Published : Jan. 5, 2026, 8:16 p.m. | 56 minutes ago Description : Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.445, parameters coming from docker-compose.yaml are not sanitized when used in commands. If a victim user creates an application from an attacker repository (using build pack
Source: Telegram CVE Monitor