Coolify Discloses 11 Critical Flaws Enabling Full Server Compromise on Self-Hosted Instances



January 08, 2026 at 03:23PM

Cybersecurity researchers have disclosed details of multiple critical-severity security flaws affecting Coolify, an open-source, self-hosting platform, that could result in authentication bypass and remote code execution. The list of vulnerabilities is as follows - CVE-2025-66209 (CVSS score: 10.0) - A command injection vulnerability in the database backup functionality allows any authenticated

from The Hacker News https://ift.tt/8ixvQbp

Genrerating Link.... 15 seconds.

Your Link is Ready.

Share this post