
Coolify Hit by Three RCE Flaws with Maximum CVSS Score

Coolify Zero-Day Vulnerabilities

Security researchers have uncovered three critical vulnerabilities in Coolify, the open-source platform used for managing servers, applications, and databases. All three flaws have been assigned the maximum CVSS score of 10, indicating severe security risks requiring system administrators' immediate attention.

The vulnerabilities, identified as CVE-2025-22612, CVE-2025-22611, and CVE-2025-22609, stem from insufficient authorization checks within the platform. Each flaw potentially enables attackers to execute remote commands on affected systems, effectively granting them complete control over vulnerable installations.

The first vulnerability (CVE-2025-22612) allows authenticated users to extract private keys in plain text from any Coolify instance. If an attacker's server configuration matches the victim's settings, they can leverage these keys to execute arbitrary commands on the remote server.

The second flaw (CVE-2025-22611) presents a significant privilege escalation risk. Attackers can exploit this vulnerability to elevate their own or other team members' privileges to owner status, potentially ejecting legitimate administrators from the system. Once elevated, attackers can access the terminal feature and execute remote commands at will.

The third vulnerability (CVE-2025-22609) enables attackers to hijack existing private keys within a Coolify instance and attach them to their own servers. Similar to the first vulnerability, if server configurations align, attackers can gain unauthorized terminal access and execute arbitrary commands on victims' servers.
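The three flaws above share one root cause: the platform authenticated the caller but did not check that the caller's team owned the object being read, re-attached or promoted. The following is an added illustration of the missing checks, written for this article; it is not Coolify's code, and the data model, role names (`member`, `owner`), function names and sample ids are all assumptions. It places the vulnerable "authenticated but not authorized" key lookup beside hardened versions of the three operations the article describes: reading a private key, attaching a key to a server, and changing a team member's role.

```python
"""Hypothetical model of team-scoped authorization for private keys, server
key assignment and role changes. Illustrative only: not Coolify's code, and the
data model, role names and function names are assumptions."""
from dataclasses import dataclass
from typing import Dict, Optional

ROLES = ("member", "owner")  # assumed role names


class Forbidden(Exception):
    """Raised when an authenticated caller is not authorized for the action."""


@dataclass
class User:
    id: int
    team_id: int
    role: str


@dataclass
class PrivateKey:
    id: int
    team_id: int
    pem: str  # secret material; must never cross a team boundary


@dataclass
class Server:
    id: int
    team_id: int
    private_key_id: Optional[int] = None


@dataclass
class Store:
    users: Dict[int, User]
    keys: Dict[int, PrivateKey]
    servers: Dict[int, Server]


def _owned(obj, actor: User):
    """Uniform check: the object exists and belongs to the caller's team.
    Missing and foreign objects get the same error so ids cannot be enumerated."""
    if obj is None or obj.team_id != actor.team_id:
        raise Forbidden("not found or not in caller's team")
    return obj


def get_private_key_insecure(store: Store, actor: User, key_id: int) -> str:
    """Vulnerable pattern: authentication only. Any logged-in user can read any
    key by id; this is the bug class behind 'insufficient authorization checks'."""
    return store.keys[key_id].pem


def get_private_key(store: Store, actor: User, key_id: int) -> str:
    """Hardened: key material is released only to members of the owning team."""
    return _owned(store.keys.get(key_id), actor).pem


def attach_key_to_server(store: Store, actor: User, server_id: int, key_id: int) -> Server:
    """Hardened: both the server and the key must belong to the caller's team,
    so another team's key cannot be re-attached to a server the caller controls."""
    server = _owned(store.servers.get(server_id), actor)
    key = _owned(store.keys.get(key_id), actor)
    server.private_key_id = key.id
    return server


def set_role(store: Store, actor: User, target_id: int, new_role: str) -> User:
    """Hardened: only an owner may change roles, only within their own team,
    never for themselves, and only to a known role."""
    if new_role not in ROLES:
        raise ValueError(f"unknown role {new_role!r}")
    if actor.role != "owner":
        raise Forbidden("only owners may change roles")
    if target_id == actor.id:
        raise Forbidden("cannot change own role")
    target = _owned(store.users.get(target_id), actor)
    target.role = new_role
    return target


def denied(fn, *args) -> bool:
    """True if the call is rejected by an authorization check."""
    try:
        fn(*args)
    except Forbidden:
        return True
    return False


def build_demo_store() -> Store:
    """Constructed sample data (not real): two teams, one key and one server each."""
    users = {1: User(1, 100, "member"), 2: User(2, 200, "owner"), 3: User(3, 200, "member")}
    keys = {10: PrivateKey(10, 100, "KEY-TEAM-100"), 20: PrivateKey(20, 200, "KEY-TEAM-200")}
    servers = {30: Server(30, 100), 40: Server(40, 200)}
    return Store(users, keys, servers)


if __name__ == "__main__":
    s = build_demo_store()
    alice = s.users[1]  # member of team 100
    print(get_private_key_insecure(s, alice, 20))  # the unchecked lookup leaks team 200's key
    print("hardened lookup blocked:", denied(get_private_key, s, alice, 20))
```

The `_owned` helper is deliberately the single place where ownership is decided, and it reports a missing object and a foreign object identically, which is the usual way to keep an object-level check from doubling as an id oracle. The role change also refuses self-promotion and cross-team targets, which are the two paths the article attributes to the privilege-escalation flaw.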

All versions of Coolify prior to v4.0.0-beta.374 are affected by these vulnerabilities. The development team has released patches to address these security issues, and organizations are strongly advised to update their installations immediately.

For organizations unable to patch immediately, security experts recommend implementing temporary mitigation measures, including restricting access to Coolify platforms and enhancing system monitoring to detect potential exploitation attempts.

Organizations using Coolify should prioritize these updates to protect their systems from potential compromises and data breaches.
