A vulnerability was found in coollabsio Coolify up to 4.0.0-beta.470. It has been classified as critical. The affected element is an unknown function of the component TrustProxies. This manipulation of the argument X-Forwarded-Host causes weak password recovery.
This vulnerability is handled as CVE-2026-34198. The attack can be initiated remotely. There is not any exploit available.