CVE-2026-45631 | dokploy up to 0.29.2 BETTER_AUTH_SECRET hard-coded credentials (GHSA-w3gm-rc4p-9rhj)

Inserito da Angelo Barbosa | Mag 29, 2026 | CVE

A vulnerability classified as critical has been found in dokploy up to 0.29.2. This affects an unknown function. The manipulation of the argument BETTER_AUTH_SECRET leads to hard-coded credentials.

This vulnerability is documented as CVE-2026-45631. The attack can be initiated remotely. There is not any exploit available.

It is recommended to upgrade the affected component.

CVE-2026-45631 | dokploy up to 0.29.2 BETTER_AUTH_SECRET hard-coded credentials (GHSA-w3gm-rc4p-9rhj)

Post correlati

CVE-2025-1776 | Soteshop up to 8.3.3 searchResults query cross site scripting

CVE-2024-0179 | AMD Ryzen Embedded 8000 AmdCpmDisplayFeatureSMM input validation

CVE-2024-24810 | WiX Toolset up to 4.0.3 on Windows Installer untrusted search path (GHSA-7wh2-wxc7-9ph5)

CVE-2024-52355 | Hyumika OSM Plugin up to 6.1.2 on WordPress cross site scripting