CVE-2026-27955 | coollabsio coolify up to 4.0.0-beta.463 Docker Container executeInDocker command os command injection (GHSA-6h8g-wpxp-cq98)

SecurityVulns

A vulnerability identified as critical has been detected in coollabsio coolify up to 4.0.0-beta.463. This impacts the function executeInDocker of the component Docker Container Handler. This manipulation of the argument command causes os command injection.

This vulnerability is registered as CVE-2026-27955. Remote exploitation of the attack is possible. No exploit is available.

You should upgrade the affected component.VulDB Recent EntriesRead More