Severity by source
AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L
PR:H reflects mandatory admin access; C/I/A raised to H because container escape enables full arbitrary code execution on the managed host.
Primary rating from Vendor (GitHub_M).
CVSS VectorVendor: GitHub_M
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L
Lifecycle Timeline
2DescriptionCVE.org
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.464, the executeInDocker() helper wraps commands in bash -c '{$command}' without escaping single quotes. User-controlled docker_compose_custom_build_command and docker_compose_custom_start_command fields are interpolated directly, allowing a single quote to break out of the bash -c argument and execute commands on the managed server host (outside the intended Docker container context). This vulnerability is fixed in 4.0.0-beta.464.
AnalysisAI
{$command}' invocation without sanitizing single quotes, and the user-controlled docker_compose_custom_build_command and docker_compose_custom_start_command fields are interpolated directly into that shell string. No public exploit has been identified at time of analysis, but the CVSS scope-change flag (S:C) confirms the critical container-to-host escape dimension, and the injection technique is well-understood - making the practical impact substantially higher than the reported 6.6 base score implies.
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires an authenticated Coolify user holding high-privilege (admin-level) access, specifically the permission to set or modify `docker_compose_custom_build_command` or `docker_compose_custom_start_command` for a Coolify-managed application. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The vendor-assigned CVSS 3.1 score of 6.6 (AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L) materially understates real-world impact. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | A Coolify administrator - or an attacker who has obtained admin credentials through phishing or credential stuffing - navigates to an application's Docker Compose configuration and sets `docker_compose_custom_build_command` to a value such as `'; malicious_command #`. When a build or start operation is triggered, `executeInDocker()` passes this value into `bash -c ''; malicious_command #'`, causing the host shell to execute `malicious_command` directly on the managed server outside the Docker container context. … |
| Remediation | The vendor-released patch is Coolify 4.0.0-beta.464, which fixes the injection by properly escaping single quotes within the `executeInDocker()` helper before constructing the `bash -c` shell invocation. … Detailed patch versions, workarounds, and compensating controls in full report. |
Threat intelligence, references, and detailed analysis are available after sign-in.
An issue was discovered in Appsmith before 1.52. Rated critical severity (CVSS 9.8), this vulnerability is remotely expl
runc through version 1.0-rc6 (used in Docker before 18.09.2) contains a container escape vulnerability that allows attac
Netmaker makes networks with WireGuard. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no a
Unauthenticated remote code execution in Marimo ≤0.20.4 allows attackers to execute arbitrary system commands via the `/
The News & Blog Designer Pack - WordPress Blog Plugin - (Blog Post Grid, Blog Post Slider, Blog Post Carousel, Blog Post
Docker 1.3.2 allows remote attackers to execute arbitrary code with root privileges via a crafted (1) image or (2) build
Remote code execution in NocoBase Workflow Script Node (npm @nocobase/plugin-workflow-javascript) allows authenticated l
Docker Desktop Community Edition before 2.1.0.1 allows local users to gain privileges by placing a Trojan horse docker-c
Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 25.2.169 and Application prior to version 2
An issue in Plone Docker Official Image 5.2.13 (5221) open-source software that could allow for remote code execution du
Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. Rated critical seve
Unauthenticated remote code execution in 9router (npm package) versions 0.4.30 through 0.4.36 allows network-adjacent at
Same weakness CWE-78 – OS Command Injection
View allSame technique Command Injection
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-40332