CNNVD-202601-824 Information
Jan 05, 2026
cve
CNNVD ID
CNNVD-202601-824
Related CVE
- CNNVD Published: 2026-01-05
Description (Chinese)
Coolify是coolLabs开源的一个开源和自托管的 Heroku/Netlify/Vercel 替代品。 Coolify v4.0.0-beta.434及之前版本存在安全漏洞,该漏洞源于低权限用户可使用发送给管理员邀请链接,可能导致权限提升。
Description (English)
Coolify is an open-source and self-hosted Heroku/Netlift/Vercel alternative to the coolLabs open source. There is a security loophole in the Coolify v. 4.0.0-beta 434 and earlier versions, which stems from the low-permit user ’ s access to the invitation link sent to the administrator, which may lead to an increase in privileges.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
coolLabs
Published
2026-01-05
Last Modified
2026-02-24
References
https://github.com/coollabsio/coolify/security/advisories/GHSA-4fqm-797g-7m6j
Patch
https://github.com/coollabsio/coolify/releases
Share on: