Skip to main content
CVE-2025-66211 HIGH POC This Week

An authenticated command injection vulnerability in Coolify's PostgreSQL initialization script handling allows attackers with application/service management permissions to execute arbitrary commands as root on managed servers. The vulnerability affects all Coolify versions prior to 4.0.0-beta.451 and enables full remote code execution through unsanitized PostgreSQL init script filenames passed to shell commands. A public proof-of-concept exploit is available, and while not currently in CISA KEV, the vulnerability has a moderate EPSS score of 0.41% indicating some exploitation probability.

Command Injection PostgreSQL RCE Privilege Escalation Docker +1
NVD GitHub
CVSS 3.1
8.8
EPSS
0.4%
CVE-2025-66210 HIGH POC This Week

A command injection vulnerability in Coolify's Database Import functionality allows authenticated users with application/service management permissions to execute arbitrary system commands as root on managed servers. The vulnerability stems from unsanitized database names being passed directly to shell commands, enabling full remote code execution. A public proof-of-concept exploit is available, and with an EPSS score of 0.41% (61st percentile), this represents a moderate real-world exploitation risk for organizations using vulnerable Coolify versions.

Command Injection RCE Docker Linux Coolify
NVD GitHub
CVSS 3.1
8.8
EPSS
0.4%
CVE-2025-66213 HIGH POC PATCH This Week

An authenticated command injection vulnerability in Coolify's File Storage Directory Mount Path functionality allows users with application/service management permissions to execute arbitrary commands as root on managed servers. The vulnerability affects all Coolify versions prior to 4.0.0-beta.451 and has a publicly available proof-of-concept exploit, though current exploitation probability remains relatively low at 0.20% according to EPSS data. Attackers can achieve full remote code execution with root privileges on the host system by exploiting unsanitized input in the file_storage_directory_source parameter.

Command Injection RCE Coolify
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.2%
CVE-2025-66212 HIGH POC PATCH This Week

An authenticated command injection vulnerability in Coolify's Dynamic Proxy Configuration Filename handling allows users with application/service management permissions to execute arbitrary commands as root on managed servers. The vulnerability affects all Coolify versions prior to 4.0.0-beta.451, with a publicly available proof-of-concept exploit and moderate exploitation likelihood (EPSS 20%, percentile 41%). Attackers can achieve full remote code execution with root privileges by injecting shell commands through unescaped proxy configuration filenames.

Command Injection RCE Coolify
NVD GitHub
CVSS 3.1
8.8
EPSS
0.2%
CVE-2025-68696 HIGH POC PATCH This Week

Server-Side Request Forgery (SSRF) in HTTParty 0.23.2 and earlier enables remote unauthenticated attackers to force the application to make arbitrary HTTP requests to internal network resources and third-party services, potentially leaking API keys and credentials embedded in outbound requests or accessing internal-only endpoints. Publicly available exploit code exists (GitHub Security Advisory GHSA-hm5p-x4rq-38w4), and the CVSS E:P modifier confirms proof-of-concept exploitation. Vendor-released patch is available via commit 0529bcd, though a tagged release version is not confirmed from provided data. EPSS data not provided, but SSRF vulnerabilities targeting API libraries typically see exploitation within weeks of public disclosure due to their prevalence in cloud-native environments.

SSRF Httparty Red Hat
NVD GitHub
CVSS 4.0
7.8
EPSS
0.1%
CVE-2025-65865 HIGH POC This Week

Remote denial of service in eProsima Fast-DDS v3.3.0 allows unauthenticated network attackers to crash affected processes by sending crafted input that triggers an integer overflow (CWE-190). Fast-DDS is the default DDS middleware in ROS 2, so exploitation can take down robotics and distributed control nodes without any credentials or user interaction. Publicly available exploit code exists (GitHub PoC), though EPSS remains low (0.41%, 33rd percentile) and the CVE is not listed in CISA KEV.

Integer Overflow Denial Of Service Fast Dds
NVD GitHub
CVSS 3.1
7.5
EPSS
0.4%
CVE-2025-68561 HIGH This Week

SQL injection in AutomatorWP WordPress plugin through version 5.2.4 allows authenticated attackers to execute arbitrary SQL commands. The vulnerability exists in the plugin's database query handling where user-supplied input is not properly sanitized before being used in SQL statements. While EPSS scoring indicates low exploitation probability (0.04th percentile), the SQL injection vector represents a critical capability if exploited, potentially enabling data exfiltration, modification, or deletion from the affected WordPress database.

SQLi
NVD
CVSS 3.1
7.6
EPSS
0.0%
CVE-2025-68550 HIGH This Week

Blind SQL injection in WPBulky WordPress plugin through version 1.1.13 allows high-privileged authenticated attackers to extract database contents and potentially cause limited service disruption. The vulnerability exists in the bulk edit functionality where user-supplied input is improperly sanitized before inclusion in SQL queries. With EPSS score of 0.04% (12th percentile) and no public exploit code identified, immediate mass exploitation appears unlikely, though administrator-level compromise could enable data exfiltration from WordPress databases.

SQLi
NVD
CVSS 3.1
7.6
EPSS
0.0%
CVE-2025-68560 HIGH This Week

Local file inclusion vulnerability in CodexThemes TheGem Theme Elements (for Elementor) WordPress plugin through version 5.10.5.1 allows attackers to read arbitrary files from the server via improper control of filename parameters in PHP include/require statements. The vulnerability carries a low EPSS score of 0.17% (38th percentile), indicating minimal real-world exploitation probability despite being a classic PHP file inclusion flaw affecting an Elementor page builder plugin.

PHP LFI Information Disclosure
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2025-68546 HIGH This Week

Local File Inclusion in Nika WordPress theme through version 1.2.14 allows authenticated attackers with low-level privileges to read arbitrary files on the server via improper filename validation in PHP include/require statements. EPSS score of 0.17% (38th percentile) indicates low predicted exploitation probability. No public exploit code or active exploitation confirmed at time of analysis, though Patchstack's disclosure suggests vulnerability details are documented.

PHP LFI Information Disclosure
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2025-68544 HIGH This Week

Local File Inclusion (LFI) vulnerability in the Diza WordPress theme (≤1.3.15) enables low-privileged authenticated attackers to include arbitrary local files, potentially leading to remote code execution, sensitive data exposure, or complete site compromise. The CVSS score of 7.5 reflects high complexity network-based attack requiring authentication. EPSS exploitation probability is low (0.17%, 38th percentile), with no confirmed active exploitation or public proof-of-concept at time of analysis, though the vulnerability has been cataloged by Patchstack's security research team.

PHP LFI Information Disclosure
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2025-11419 HIGH PATCH GHSA This Week

TLS renegotiation exhaustion in Keycloak allows unauthenticated remote denial of service via repeated client-initiated TLS 1.2 renegotiation requests that drain CPU resources. Affects Red Hat Single Sign-On deployments using TLS 1.2 with client renegotiation enabled. EPSS exploitation probability and KEV status not available at analysis time; CVSS 7.5 (High) reflects network-accessible attack with low complexity but availability impact only. Red Hat has issued multiple security advisories (RHSA-2025:18254, 18255, 18889, 18890) addressing this flaw.

Denial Of Service Red Hat
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-13183 HIGH This Week

Stored cross-site scripting in Hotech Software's Otello product (versions 2.4.0 through 2.4.3) allows authenticated low-privileged attackers to inject persistent malicious scripts that execute in other users' browsers upon viewing affected pages. Reported by Turkey's national CERT (USOM), the vulnerability carries a 7.3 CVSS score with high confidentiality and integrity impact, though no public exploit identified at time of analysis and EPSS exploitation probability is very low at 0.03%.

XSS
NVD VulDB
CVSS 3.1
7.3
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy