CVE-2026-34592

HIGH

Coolify: Cross-Team IDOR via Unscoped Server and Project Lookups Exposes SSH Keys and Infrastructure

Title source: cna
STIX 2.1

Description

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, Coolify server and project lookups are not scoped to the current team, allowing any authenticated user to access servers and projects belonging to other teams by specifying their IDs directly. This vulnerability is fixed in 4.0.0-beta.471.

References (1)

Core 1
Core References

Scores

CVSS v3 7.7
EPSS 0.0020
EPSS Percentile 10.1%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-639
Status published
Products (1)
coollabsio/coolify < 4.0.0-beta.471
Published Jun 29, 2026
Tracked Since Jun 30, 2026