Remote Code Execution Vulnerability in Coolify by Coollabs
CVE-2026-59734
8.8HIGH
What is CVE-2026-59734?
Coolify, an open-source tool designed for managing servers, applications, and databases, had an issue in its ApplicationDeploymentJob.php file prior to version 4.0.0-beta.469. The vulnerable generate_healthcheck_commands() function improperly handled user-provided parameters, allowing authenticated users to inject arbitrary commands into shell execution. This flaw compromises the integrity of deployment containers by enabling unauthorized access. The vulnerability has been addressed in the subsequent update, reinforcing the importance of keeping software versions up to date.
Affected Version(s)
coolify < 4.0.0-beta.469
