File Upload Vulnerability in Coolify Affects Server Management Tool
CVE-2026-42145
3.1LOW
What is CVE-2026-42145?
Coolify, an open-source server management application, has a file upload vulnerability in its database backup restore feature before version 4.0.0-beta.474. This issue arises from the lack of validation on the file type and size during uploads, which permitted authenticated users to upload potentially harmful or excessively large files. Such actions could lead to service disruptions and overall degradation of system performance. Users are advised to upgrade to the fixed version to mitigate these risks and ensure the integrity of their server management operations.
Affected Version(s)
coolify < 4.0.0-beta.474
