Skip to content

CVE lookup

CVE-2026-34047

Pruva has a verified reproduction for CVE-2026-34047: Coolify terminal WebSocket endpoints lack proper authorization checks, allowing low-privileged members to access terminal functionality and achieve remote command execution on managed hosts.. The canonical evidence record is REPRO-2026-00275.

REPRO

REPRO-2026-00275

Package

coollabsio/coolify · Composer

Severity

CRITICAL

Status

published