CNNVD-202601-828 Information
Jan 05, 2026
cve
CNNVD ID
CNNVD-202601-828
Related CVE
- CNNVD Published: 2026-01-05
Description (Chinese)
Coolify是coolLabs开源的一个开源和自托管的 Heroku/Netlify/Vercel 替代品。 Coolify v4.0.0-beta.434及之前版本存在安全漏洞,该漏洞源于低权限用户可邀请高权限用户,可能导致权限提升。
Description (English)
Coolify is an open-source and self-hosted Heroku/Netlift/Vercel alternative to the coolLabs open source. There is a security loophole in Coolify v. 4.0.0-beta 434 and earlier versions, which stems from the fact that low-licensed users can invite high-licensed users, which may lead to enhanced privileges.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
coolLabs
Published
2026-01-05
Last Modified
2026-02-24
References
https://drive.google.com/file/d/1YZHFgiZv_k9p9909A63DAErsTsh8K1rc/view?usp=drive_link https://github.com/coollabsio/coolify/security/advisories/GHSA-4p6r-m39m-9cm9