CVE-2025-53376 | dokploy up to 0.23.6 tRPC Procedure appName os command injection (GHSA-m486-7pmj-8cmv)

Inserito da Angelo Barbosa | Lug 7, 2025 | CVE

A vulnerability has been found in dokploy up to 0.23.6 and classified as critical. This vulnerability affects unknown code of the component tRPC Procedure. The manipulation of the argument appName leads to os command injection.

This vulnerability was named CVE-2025-53376. The attack can be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-53376 | dokploy up to 0.23.6 tRPC Procedure appName os command injection (GHSA-m486-7pmj-8cmv)

Post correlati

CVE-2024-26614 | Linux Kernel up to 6.8-rc1 tcp qspinlock_paravirt.h accept_queue state issue

CVE-2024-24444 | OpenAirInterface CN5G AMF up to 2.0.0 File Descriptor denial of service

CVE-2024-43242 | azzaroco Ultimate Membership Pro Plugin up to 12.6 on WordPress deserialization

CVE-2024-31352 | Email Subscribers & Newsletters Plugin up to 5.7.13 on WordPress authorization