CVE-2026-54636
CriticalCVSS 9.0Exploitation Probability (EPSS)
Low risk19th percentile — higher than 19% of all known CVEs
Summary
A vulnerability in Dokku prior to version 0.38.7 allows escape from a Docker container via special shell characters in cron commands in the app.json file. An attacker can execute arbitrary commands on the host as the Dokku user.
Risk Assessment
The risk involves potential host compromise, leading to breach of confidentiality, integrity, and availability of data and services.
Recommendation
Immediately upgrade Dokku to version 0.38.7 or later, which includes a fix for this vulnerability.
Original NVD description (English source)
Dokku is a docker-powered PaaS. Prior to 0.38.7, the cron plugin utilizes commands in the app.json file to manage system cron running as the Dokku user. An app.json cron command utilizing special shell characters - including, but not limited to, > or ; - can break out of the Docker container and execute commands on the host as the Dokku user. This vulnerability is fixed in 0.38.7.

