CVE-2025-64419 | coollabsio coolify prior 4.0.0-beta.445 docker-compose.yaml command injection (GHSA-234r-xrrg-m8f3)

Inserito da Angelo Barbosa | Gen 6, 2026 | CVE

A vulnerability labeled as critical has been found in coollabsio coolify 4.0.0-beta.253/4.0.0-beta.359/4.0.0-beta.361/4.0.0-beta.374/4.0.0-beta.420.7. Impacted is an unknown function of the file docker-compose.yaml. Such manipulation leads to command injection.

This vulnerability is listed as CVE-2025-64419. The attack may be performed from remote. There is no available exploit.

The affected component should be upgraded.

CVE-2025-64419 | coollabsio coolify prior 4.0.0-beta.445 docker-compose.yaml command injection (GHSA-234r-xrrg-m8f3)

Post correlati

CVE-2024-0954 | wpdevteam Essential Addons for Elementor Plugin up to 5.9.7 on WordPress data-eael-wrapper-link Wrapper cross site scripting (ID 3029928)

CVE-2024-10466 | Mozilla Thunderbird up to 131 Push Message denial of service

CVE-2024-2123 | Ultimate Member Plugin up to 2.8.3 on WordPress cross site scripting

CVE-2025-5801 | Digital Events Calendar Plugin up to 1.0.8 on WordPress column cross site scripting