HIGH🇵🇱 Wersja polska

CVE-2025-64425

CVSS 8.5v4.0pub. 2026-01-05upd. 2026-01-12

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. In Coolify versions up to and including v4.0.0-beta.434, an attacker can initiate a password reset for a victim, and modify the host header of the request to a malicious value. The victim will receive a password reset email, with a link to the malicious host. If the victim clicks this link, their reset token is sent to the attacker's server, allowing the attacker to use it to change the victim's password and takeover their account. As of time of publication, it is unclear if a patch is available.

CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  • Coollabs Coolify

    APP
    Coollabs
    4.0.0< 4.0.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2025-59158CRITICAL9.4PL ✓ten sam produkt

Stored XSS w Coolify — atak przez złośliwą nazwę projektu

CVE-2025-64419CRITICAL9.6PL ✓ten sam produkt

Command injection w Coolify via docker-compose.yaml — RCE jako root

CVE-2025-59156CRITICAL9.4PL ✓ten sam produkt

RCE w Coolify — command injection w konfiguracji Docker Compose

CVE-2025-59157CRITICAL9.9PL ✓ten sam produkt

Command injection w polu Git Repository w Coolify

CVE-2025-64420CRITICAL9.9PL ✓ten sam produkt

Coolify: nieuprawniony dostęp do prywatnego klucza SSH użytkownika root