CVE-2026-34047 in Coolifyinfo

Summary

by MITRE • 07/07/2026

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, terminal WebSocket bootstrap routes did not enforce the expected authorization middleware, allowing an authenticated user to access terminal functionality for resources outside the authorized scope and potentially execute commands. This issue is fixed in version 4.0.0-beta.471.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Analysis

by VulDB Data Team • 07/07/2026

The vulnerability identified in Coolify versions prior to 4.0.0-beta.471 represents a critical authorization flaw that undermines the security model of this self-hostable management platform. This issue specifically affects the terminal WebSocket bootstrap routes which are designed to provide secure access to terminal functionality for managing servers, applications, and databases. The flaw stems from inadequate middleware enforcement during the bootstrap process, creating a path where authenticated users can bypass normal access controls and gain unauthorized access to terminal capabilities for resources they should not be permitted to manage.

The technical implementation of this vulnerability manifests in the WebSocket connection establishment phase where the system fails to properly validate user permissions against the target resource scope. This authorization bypass allows an authenticated user to manipulate the terminal interface to access systems, applications, or databases outside their authorized boundaries. The flaw operates at the application layer and specifically targets the session management and access control mechanisms that should normally prevent such cross-scope operations. According to CWE classification, this represents a weakness in authorization enforcement where the system fails to properly verify user permissions before granting access to sensitive functionality.

The operational impact of this vulnerability is significant for organizations relying on Coolify for infrastructure management. An attacker with valid authentication credentials could potentially execute arbitrary commands on systems beyond their authorized scope, leading to unauthorized access to sensitive data, service disruption, or even complete system compromise. The implications extend beyond simple privilege escalation as the terminal functionality allows for direct command execution, making this a high-severity issue that could facilitate further attacks within the network environment. This vulnerability creates opportunities for attackers to move laterally across systems and escalate their privileges through the terminal access capabilities.

Security mitigations for this vulnerability should focus on implementing proper middleware enforcement during WebSocket bootstrap processes. The fix implemented in version 4.0.0-beta.471 requires comprehensive authorization checks before establishing terminal connections, ensuring that users can only access terminal functionality for resources within their authorized scope. Organizations should immediately upgrade to the patched version and conduct thorough security assessments of their Coolify deployments. Additionally, implementing network segmentation, monitoring WebSocket connection patterns, and regular access control reviews can help detect and prevent exploitation attempts. From an ATT&CK framework perspective, this vulnerability maps to privilege escalation techniques and command execution capabilities that attackers could leverage for persistent access within compromised environments.

Responsible

GitHub M

Reservation

03/25/2026

Disclosure

07/07/2026

Moderation

accepted

CPE

ready

EPSS

0.00000

KEV

no

Activities

very low

Sources

Do you know our Splunk app?

Download it now for free!