Vulnerabilities in Dokploy
18 resultsCVE-2026-24841CRITICALDokploy Vulnerable to Authenticated Remote Code Execution via Command Injection in Docker Container Terminal WebSocket EndpointEPSS 2.5%CVE-2025-53376MEDIUMDokploy allows attackers to run arbitrary OS commands on the Dokploy host.EPSS 1.1%CVE-2026-27130CRITICALDokploy has Command Injection in its Service OperationsEPSS 1.0%CVE-2026-45633CRITICALDokploy: Command Injection in /docker-container-logs EndpointEPSS 0.9%CVE-2026-45663CRITICALDokploy: Remote Code Execution via destinationPath in Container File UploadEPSS 0.9%CVE-2026-45662HIGHDokploy: Command Injection via incomplete shell escaping in docker logout (registry deletion)EPSS 0.8%CVE-2026-45630CRITICALDokploy: Authenticated Remote Code Execution via Command Injection in updateTraefikConfig Echo StatementEPSS 0.8%CVE-2026-45629CRITICALDokploy: Authenticated Remote Code Execution via Command Injection in /listen-deployment WebSocket EndpointEPSS 0.8%CVE-2026-45661CRITICALDokploy: Remote Code Execution through Path TraversalEPSS 0.7%CVE-2025-53825CRITICALDokploy's Preview Deployments are vulnerable to Remote Code ExecutionEPSS 0.5%CVE-2025-53375MEDIUMDokploy allows attackers to read any file that the Traefik process user can accessEPSS 0.4%CVE-2026-45631CRITICALDokploy: Pre-Auth Admin Takeover via Hardcoded Authentication SecretEPSS 0.4%CVE-2026-24840HIGHDokploy uses hardcoded credentials in installation script, which could result in database accessEPSS 0.3%CVE-2026-45632CRITICALDokploy: Schedule Authorization Bypass Enables Host/Server Command ExecutionEPSS 0.3%CVE-2026-45628CRITICALDokploy: Command Injection via Unescaped Branch Fields in Deployment PipelineEPSS 0.2%CVE-2026-43917MEDIUMDokploy: Cross-Organization IDOR - Multiple tRPC endpoints missing activeOrganizationId validationEPSS 0.2%CVE-2025-53374LOWDokploy Improperly Discloses User Information via user.one EndpointEPSS 0.2%CVE-2026-24839MEDIUMDokploy has a clickjacking vulnerability - Missing X-Frame-Options and CSP frame-ancestors headersEPSS 0.2%