CVE-2026-27956 | coollabsio coolify up to 4.0.0-beta.463 Query Parameter /api/v1/servers authorization (GHSA-9x6p-29p3-h466)

SecurityVulns

A vulnerability labeled as problematic has been found in coollabsio coolify up to 4.0.0-beta.463. Affected is an unknown function of the file /api/v1/servers of the component Query Parameter Handler. Such manipulation leads to authorization bypass.

This vulnerability is documented as CVE-2026-27956. The attack can be executed remotely. There is not any exploit available.

The affected component should be upgraded.VulDB Recent EntriesRead More