Cybersecurity researchers have disclosed details of multiple critical-severity security flaws affecting Coolify, an open-source, self-hosting platform, that could result in authentication bypass and remote code execution.
The list of vulnerabilities is as follows –
- CVE-2025-66209 (CVSS score: 10.0) – A command injection vulnerability in the database backup functionality allows any authenticated user with database backup permissions to execute arbitrary commands on the host server, resulting in container escape and full server compromise
- CVE-2025-66210 (CVSS score: 10.0) – An authenticated command injection vulnerability in the database import functionality allows attackers to execute arbitrary commands on managed servers, leading to full infrastructure compromise
- CVE-2025-66211 (CVSS score: 10.0) – A command injection vulnerability in the PostgreSQL init script management allows authenticated users with database permissions to execute arbitrary commands as root on the server
- CVE-2025-66212 (CVSS score: 10.0) – An authenticated command injection vulnerability in the Dynamic Proxy Configuration functionality allows users with server management permissions to execute arbitrary commands as root on managed servers
- CVE-2025-66213 (CVSS score: 10.0) – An authenticated command injection vulnerability in the File Storage Directory Mount functionality allows users with application/service management permissions to execute arbitrary commands as root on managed servers
- CVE-2025-64419 (CVSS score: 9.7) – A command injection vulnerability via docker-compose.yaml that enables attackers to execute arbitrary system commands as root on the Coolify instance
- CVE-2025-64420 (CVSS score: 10.0) – An information disclosure vulnerability that allows low-privileged users to view the private key of the root user on the Coolify instance, allowing them to gain unauthorized access to the server via SSH and authenticate as the root user using the key
- CVE-2025-64424 (CVSS score: 9.4) – A command injection vulnerability was found in the git source input fields of a resource, allowing a low-privileged user (member) to execute system commands as root on the Coolify instance
- CVE-2025-59156 (CVSS score: 9.4) – An operating system command injection vulnerability that allows a low-privileged user to inject arbitrary Docker Compose directives and achieve root-level command execution on the underlying host
- CVE-2025-59157 (CVSS score: 10.0) – An operating system command injection vulnerability that allows a regular user to inject arbitrary shell commands that execute on the underlying server by using the Git Repository field during deployment
- CVE-2025-59158 (CVSS score: 9.4) – An improper encoding or escaping of the data that allows an authenticated user with low privileges to conduct a stored cross-site scripting (XSS) attack during project creation that’s automatically executed in the browser context when an administrator later attempts to delete the project or its associated resource
The following versions are impacted by the shortcomings –
- CVE-2025-66209, CVE-2025-66210, CVE-2025-66211 – <= 4.0.0-beta.448 (Fixed in >= 4.0.0-beta.451)
- CVE-2025-66212, CVE-2025-66213 – <= 4.0.0-beta.450 (Fixed in >= 4.0.0-beta.451)
- CVE-2025-64419 – < 4.0.0-beta.436 (Fixed in >= 4.0.0-beta.445)
- CVE-2025-64420, CVE-2025-64424 – <= 4.0.0-beta.434 (Fix status unclear)
- CVE-2025-59156, CVE-2025-59157, CVE-2025-59158 – <= 4.0.0-beta.420.6 (Fixed in 4.0.0-beta.420.7)
 |
| Source: Censys |
According to data from attack surface management platform Censys, there are about 52,890 exposed Coolify hosts as of January 8, 2026, with most of them located in Germany (15,000), the U.S. (9,800), France (8,000), Brazil (4,200), and Finland (3,400)
While there are no indications that any of the flaws have been exploited in the wild, it’s essential that users move quickly to apply the fixes as soon as possible in light of their severity.
Update
Aikido, which is credited with discovering and reporting some of the vulnerabilities, including CVE-2025-64420 and CVE-2025-64424, said they have been fixed following responsible disclosure.
