What is the CVSS score of CVE-2026-45633?

CVE-2026-45633 has a CVSS 3.1 base score of 9.9 (Critical). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H. EPSS exploitation probability: 0.2%.

Which versions of Dokploy are affected by CVE-2026-45633?

Dokploy self-hosted deployment platform versions 0.26.6 and earlier contain a critical root-access vulnerability exploitable by any active user account, enabling complete takeover of managed…

Dokploy CVE-2026-45633

EUVD-2026-33353 CRITICAL

OS Command Injection (CWE-78)

2026-05-29 GitHub_M

Docker Command Injection

9.9

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Changed

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

May 29, 2026 - 17:52 vuln.today

CVE Published

May 29, 2026 - 16:10 nvd

CRITICAL 9.9

DescriptionNVD

Dokploy is a free, self-hostable Platform as a Service (PaaS). In 0.26.6 and earlier, Dokploy contains a command injection vulnerability in the /docker-container-logs WebSocket endpoint. The tail and since parameters are not validated and are directly concatenated into shell commands, allowing authenticated users to execute arbitrary commands with root privileges.

AnalysisAI

Authenticated command injection in Dokploy 0.26.6 and earlier enables any logged-in user to run arbitrary OS commands as root via the /docker-container-logs WebSocket endpoint. The tail and since parameters are concatenated into shell commands without validation, yielding a CVSS 9.9 (Scope:Changed) issue affecting this self-hosted PaaS. …

RemediationAI

24 hours: Restrict network access to /docker-container-logs WebSocket endpoint via firewall; audit and validate all active user sessions; enable MFA on all accounts. 7 days: Implement WAF or firewall rules blocking shell command injection patterns in WebSocket parameters; establish continuous monitoring for WebSocket-based exploitation attempts; identify all affected Dokploy instances and document versions in deployment inventory. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

CVE-2026-45633 vulnerability details – vuln.today

Back

Dokploy CVE-2026-45633

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Full analysis requires sign-in

Share

External POC / Exploit Code