dokploy

Top products

The 15 most recently published vulnerabilities affecting dokploy.

• CVE-2026-45629Dokploy: Authenticated Remote Code Execution via Command Injection in /listen-deployment WebSocket Endpoint9.9May 29, 2026
• CVE-2026-45628Dokploy: Command Injection via Unescaped Branch Fields in Deployment Pipeline9.6May 29, 2026
• CVE-2026-45630Dokploy: Authenticated Remote Code Execution via Command Injection in updateTraefikConfig Echo Statement9.0May 29, 2026
• CVE-2026-45631Dokploy: Pre-Auth Admin Takeover via Hardcoded Authentication Secret10.0May 29, 2026
• CVE-2026-45632Dokploy: Schedule Authorization Bypass Enables Host/Server Command Execution9.9May 29, 2026
• CVE-2026-45633Dokploy: Command Injection in /docker-container-logs Endpoint9.9May 29, 2026
• CVE-2026-45661Dokploy: Remote Code Execution through Path Traversal9.9May 29, 2026
• CVE-2026-45662Dokploy: Command Injection via incomplete shell escaping in docker logout (registry deletion)8.8May 29, 2026
• CVE-2026-45663Dokploy: Remote Code Execution via destinationPath in Container File Upload9.9May 29, 2026
• CVE-2026-27130Dokploy has Command Injection in its Service Operations9.9May 18, 2026
• CVE-2026-24841Dokploy Vulnerable to Authenticated Remote Code Execution via Command Injection in Docker Container Terminal WebSocket Endpoint9.9Jan 28, 2026
• CVE-2026-24840Dokploy uses hardcoded credentials in installation script, which could result in database access8.0Jan 28, 2026
• CVE-2026-24839Dokploy has a clickjacking vulnerability - Missing X-Frame-Options and CSP frame-ancestors headers4.7Jan 28, 2026
• CVE-2025-53825Dokploy's Preview Deployments are vulnerable to Remote Code Execution9.4Jul 14, 2025
• CVE-2025-53375Dokploy allows attackers to read any file that the Traefik process user can access6.5Jul 7, 2025