CVE-2025-64420
Last modified
CVE-2025-64420 is a high-severity vulnerability rated 8.8/10 on the CVSS scale. Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. In Coolify versions prior to and including v4.0.0-beta.434, low privileged users are able to see the private key of the root user on the Coolify instance. EPSS estimates a 0.50% chance of exploitation in the next 30 days.
Description
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. In Coolify versions prior to and including v4.0.0-beta.434, low privileged users are able to see the private key of the root user on the Coolify instance. This allows them to ssh to the server and authenticate as root user, using the private key. As of time of publication, it is unclear if a patch is available.
Metrics
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions | Update |
|---|---|---|---|
| Coollabs | Coolify | < 4.0.0 | — |
| Coollabs | Coolify | 4.0.0 | Beta100 |
References
- https://github.com/coollabsio/coolify/security/advisories/GHSA-qwxj-qch7-whpcExploit, Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Analyzed
Frequently Asked Questions
What is CVE-2025-64420?
How severe is CVE-2025-64420?
How do I fix CVE-2025-64420?
Are you affected by CVE-2025-64420?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST