{"vulnerability": "CVE-2026-34048", "sightings": [{"uuid": "21424613-cf7d-4858-a7ba-76506fe1c07f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-34048", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mpzpxol2362e", "content": "CVE-2026-34048 - coolify\nA security issue in Coolify's terminal feature allows team members with limited access to run server commands on other team members' servers. This could lead to unintended changes\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#coolify #coollabsio #CVE #infosec", "creation_timestamp": "2026-07-07T04:04:04.310184Z"}, {"uuid": "2a9d818f-867b-468e-a7d1-e88053e86763", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-34048", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mpzqfksntd2a", "content": "CVE-2026-34048 - Coolify: Missing authorization on terminal websocket bootstrap routes allows low-privileged members to execute commands on team servers\nCVE ID : CVE-2026-34048\n \n Published : July 7, 2026, 3:19 a.m. | 28\u00a0minutes ago\n \n Description : Coolify is an open-source a...", "creation_timestamp": "2026-07-07T04:11:50.423686Z"}, {"uuid": "57aa6359-f720-4da6-a356-edb74b14d859", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-34048", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mpzwhvprga2r", "content": "CVE-2026-34048: CRITICAL in coollabsio Coolify (&lt;4.0.0-beta.471) enables low-priv team members to run commands on servers. Patch to 4.0.0-beta.471 now. https://radar.offseq.com/threat/cve-2026-34048-cwe-285-improper-authorization-in-c-485c49c27b765944 #OffSeq #Coolify #CVE202634048", "creation_timestamp": "2026-07-07T06:00:31.913927Z"}, {"uuid": "32e02b42-d9ef-48e6-9b5c-b6bf25431622", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-34048", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116877166458368676", "content": "CVE-2026-34048 (CRITICAL, CVSS 9.9): improper auth in coollabsio Coolify (&lt;4.0.0-beta.471) lets low-priv users execute commands via terminal websockets. Update to 4.0.0-beta.471 ASAP. https://radar.offseq.com/threat/cve-2026-34048-cwe-285-improper-authorization-in-c-485c49c27b765944 #OffSeq #Coolify #CVE202634048 #infosec", "creation_timestamp": "2026-07-07T06:00:35.020591Z"}]}