Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Dokploy — Vulnerabilities & Security Advisories 7

Browse all 7 CVE security advisories affecting Dokploy. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Dokploy serves as a deployment automation platform for web applications, enabling developers to streamline containerized service deployments. Historically, it has been susceptible to multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues, often stemming from improper input validation and access control weaknesses. The platform's seven recorded CVEs highlight recurring patterns in insecure default configurations and insufficient sanitization of user-supplied data. While no major public security incidents have been widely documented, the consistent discovery of critical vulnerabilities suggests ongoing challenges in secure coding practices and configuration management within the platform's architecture.

Top products by Dokploy: dokploy
CVE IDTitleCVSSSeverityPublished
CVE-2026-24841 Dokploy Vulnerable to Authenticated Remote Code Execution via Command Injection in Docker Container Terminal WebSocket Endpoint — dokployCWE-78 9.9 Critical2026-01-28
CVE-2026-24840 Dokploy uses hardcoded credentials in installation script, which could result in database access — dokployCWE-798 8.0 High2026-01-28
CVE-2026-24839 Dokploy has a clickjacking vulnerability - Missing X-Frame-Options and CSP frame-ancestors headers — dokployCWE-1021 4.7 Medium2026-01-28
CVE-2025-53825 Dokploy's Preview Deployments are vulnerable to Remote Code Execution — dokployCWE-862 9.4 Critical2025-07-14
CVE-2025-53375 Dokploy allows attackers to read any file that the Traefik process user can access — dokployCWE-22 8.8AIHighAI2025-07-07
CVE-2025-53376 Dokploy allows attackers to run arbitrary OS commands on the Dokploy host. — dokployCWE-78 8.8AIHighAI2025-07-07
CVE-2025-53374 Dokploy Improperly Discloses User Information via user.one Endpoint — dokployCWE-359 4.3AIMediumAI2025-07-07

This page lists every published CVE security advisory associated with Dokploy. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.