Dokploy

7 CVEs

CVE-2026-24841 CRITICAL POC PATCH Act Now

Dokploy self-hosted PaaS prior to 0.26.6 has a critical command injection vulnerability (CVSS 9.9) allowing authenticated users to execute arbitrary OS commands on the host.

Docker Command Injection Dokploy
NVD GitHub
CVSS 3.1: 9.9 | EPSS: 0.1%
CVE-2026-24840 HIGH POC PATCH This Week

Dokploy versions before 0.26.6 contain hardcoded database credentials in the installation script, causing nearly all deployments to share identical credentials that can be obtained from the publicly available install.sh file. An authenticated attacker on the network can leverage these credentials to access the database, potentially achieving high-impact compromise of confidentiality, integrity, and availability. Public exploit code exists for this vulnerability and a patch is available in version 0.26.6 and later.

Authentication Bypass Dokploy
NVD GitHub
CVSS 3.1: 8.0 | EPSS: 0.1%
CVE-2026-24839 MEDIUM POC PATCH This Month

Dokploy versions up to 0.26.6 are affected by improper restriction of rendered UI layers or frames (CVSS 4.7).

XSS Dokploy
NVD GitHub
CVSS 3.1: 4.7 | EPSS: 0.0%
CVE-2025-53825 CRITICAL PATCH Act Now

CVE-2025-53825 is a critical unauthenticated remote code execution vulnerability in Dokploy versions prior to 0.24.3, where attackers can execute arbitrary code and access sensitive environment variables by simply opening a pull request on a public repository. This vulnerability affects all public Dokploy instances utilizing preview deployments and carries a CVSS score of 9.4 (Critical), with no authentication or user interaction required, making it immediately exploitable by any network-adjacent attacker.

RCE Dokploy
NVD GitHub
CVSS 3.1: 9.4 | EPSS: 0.6%
CVE-2025-53376 HIGH PATCH This Week

Dokploy is a self-hostable Platform as a Service (PaaS) that simplifies the deployment and management of applications and databases. An authenticated, low-privileged user can run arbitrary OS commands on the Dokploy host. The tRPC procedure docker.getContainersByAppNameMatch interpolates the attacker-supplied appName value into a Docker CLI call without sanitisation, enabling command injection under the Dokploy service account. This vulnerability is fixed in 0.23.7.

Command Injection Docker Dokploy
NVD GitHub
CVSS 3.1: 8.8 | EPSS: 0.6%
CVE-2025-53375 MEDIUM PATCH This Month

Dokploy is a self-hostable Platform as a Service (PaaS) that simplifies the deployment and management of applications and databases. An authenticated attacker can read any file that the Traefik process user can access (e.g., /etc/passwd, application source, environment variable files containing credentials and secrets). This may lead to full compromise of other services or lateral movement. This vulnerability is fixed in 0.23.7.

Path Traversal Dokploy
NVD GitHub
CVSS 3.1: 6.5 | EPSS: 0.1%
CVE-2025-53374 MEDIUM PATCH This Month

A security vulnerability in Dokploy (CVSS 4.3). Remediation should follow standard vulnerability management procedures. Vendor patch is available.

Information Disclosure Dokploy
NVD GitHub
CVSS 3.1: 4.3 | EPSS: 0.0%