CVE-2026-27883
MediumCVSS 5.0Exploitation Probability (EPSS)
Low risk12th percentile — higher than 12% of all known CVEs
Summary
Coolify prior to version 4.0.0-beta.464 has a vulnerability in the GET /api/v1/deployments/{uuid} endpoint that allows any authenticated user to access deployment details of any team, bypassing team-based authorization. The issue stems from the $teamId extracted from the authentication token not being used to scope the database query.
Risk Assessment
The organization is at risk of leaking sensitive deployment information from other teams, potentially exposing application configurations, environment data, or secrets.
Recommendation
Immediately update Coolify to version 4.0.0-beta.464 or later, which includes a fix for this vulnerability.
Original NVD description (English source)
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.464, the `GET /api/v1/deployments/{uuid}` endpoint allows any authenticated user to access deployment details belonging to any team, bypassing team-based authorization. The $teamId is extracted from the authentication token but never used to scope the database query. This vulnerability is fixed in 4.0.0-beta.464.

