A vulnerability labeled as critical has been found in coollabsio Coolify up to 4.0.0-beta.465. This affects an unknown function of the component Setting Handler. Executing a manipulation of the argument sentinel_token can lead to os command injection.
This vulnerability is tracked as CVE-2026-34034. The attack can be launched remotely. No exploit exists.