CVE lookup
CVE-2026-34047
Pruva has a verified reproduction for CVE-2026-34047: Coolify terminal WebSocket endpoints lack proper authorization checks, allowing low-privileged members to access terminal functionality and achieve remote command execution on managed hosts.. The canonical evidence record is REPRO-2026-00275.
REPRO
REPRO-2026-00275
Package
coollabsio/coolify · Composer
Severity
CRITICAL
Status
published