CVE-2026-34037 - Cross-Tenant Resource Cloning via Broken Object-Level Authorization in cloneTo()
CVE ID :CVE-2026-34037 Published : July 7, 2026, 4:17 a.m. | 56 minutes ago Description :Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.464, the cloneTo() Livewire action in ResourceOperations.php authorizes the source...