CVE-2025-22607— Coolify Vulnerable to GitHub / GitLab OAuth Secrets Leak
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2025-22607
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Coolify Vulnerable to GitHub / GitLab OAuth Secrets Leak
Source: NVD (National Vulnerability Database)
Vulnerability Description
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.361, the missing authorization allows any authenticated user to fetch the details page for any GitHub / GitLab configuration on a Coolify instance by only knowing the UUID of the model. This exposes the "client id", "client secret" and "webhook secret." Version 4.0.0-beta.361 fixes this issue.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
信息暴露
Source: NVD (National Vulnerability Database)
Vulnerability Title
Coolify 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Coolify是coolLabs开源的一个开源和自托管的 Heroku/Netlify/Vercel 替代品。 Coolify 4.0.0-beta.361版本之前存在安全漏洞,该漏洞源于缺少授权,任何经过身份验证的用户只需知道模型的UUID,即可获取实例上任何配置的详细信息页面。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| coollabsio | coolify | < 4.0.0-beta.361 | - |
II. Public POCs for CVE-2025-22607
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2025-22607
请登录查看更多情报信息。
- GitHub / GitLab OAuth Secrets Leak · Advisory · coollabsio/coolify · GitHubx_refsource_CONFIRM
- https://nvd.nist.gov/vuln/detail/CVE-2025-22607
Same Patch Batch · coollabsio · 2025-01-24 · 9 CVEs total
| CVE-2025-22609 | 10.0 CRITICAL | Coolify Vulnerable to Private Key Hijacking / Remote Command Execution (RCE) |
| CVE-2025-22612 | 10.0 CRITICAL | Coolify Vulnerable to Private Key Enumeration on Onboarding resulting in Remote Command Ex |
| CVE-2025-22611 | 10.0 CRITICAL | Coolify vulnerable to Privilege Escalation resulting in Remote Command Execution (RCE) |
| CVE-2025-22608 | 6.5 MEDIUM | Coolify Vulnerable to Revocation of Arbitrary Team Invitations (DOS) |
| CVE-2025-22605 | Coolify OS Command Injection Vulnerability in SSH Command Generation | |
| CVE-2025-22606 | Coolify Command Injection Vulnerability in Project Name | |
| CVE-2025-22610 | Coolify Vulnerable to OAuth Secrets Leak | |
| CVE-2025-24025 | Coolify Vulnerable to Reflected XSS on Tag Search |
IV. Related Vulnerabilities
Same product: coolify
- CVE-2025-64425
Coolify has host header injection in forgot password - CVE-2025-64424
Colify has command injection vulnerability in project git so - CVE-2025-64423
Coolify has a Privilege Escalation - low privileged users ca - CVE-2025-64422
Rate-limit bypass on login via X-Forwarded-Host header - CVE-2025-64421
Coolify has a privilege escalation - low privileged user can
Same vendor: coollabsio
- CVE-2025-64425
Coolify has host header injection in forgot password - CVE-2025-64424
Colify has command injection vulnerability in project git so - CVE-2025-64423
Coolify has a Privilege Escalation - low privileged users ca - CVE-2025-64422
Rate-limit bypass on login via X-Forwarded-Host header - CVE-2025-64421
Coolify has a privilege escalation - low privileged user can
Same weakness: CWE-200
- CVE-2026-42333
quarkus-openapi-generator has overly broad path-parameter ma - CVE-2026-8198
Activity Logs, User Activity Tracking, Multisite Activity Lo - CVE-2026-42456
AnythingLLM: Cross-User TTS Audio Disclosure via Chat ID (ID - CVE-2026-41520
Cillium exposes sensitive information included in the cilium - CVE-2026-25199
Apache CloudStack: Proxmox Extension Allows Unauthorized Cro
V. Comments for CVE-2025-22607
No comments yet