CVE ID :CVE-2026-57498 Published : June 29, 2026, 8:12 p.m. | 5 hours ago Description :Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.474, Coolify's API controllers consistently validate server ownership with...

#Sicherheitslücke

Original-Artikel öffnen Zurück zur Übersicht

ARTICLEVIEW

CVE-2026-57498 - Coolify Cross-Team IDOR: Livewire Components Accept Unscoped server_id and destination_uuid — Deploy to Other Teams' Servers

VERWANDTEARTIKEL

CVE-2026-58302 - LinuxCNC rtapi_app Privilege Escalation

CVE-2026-7656 - Broken IPv6 Neighbor Discovery input validation allows spoofed RA/NS/NA acceptance in Zephyr net stack

CVE-2026-34594 - Coolify: Authenticated Remote Code Execution via Command Injection in Destination Network Management

CVE-2026-34597 - Coolify: Authenticated Host RCE

CVE-2026-13763 - HTTP/2 Stream Parser Confusion Body-Inspection Bypass in AWS Application Load Balancer with AWS WAF

CVE-2026-43731 - Safari Use-After-Free Memory Corruption