CVE-2025-34159 – Coolify Docker Compose Remote Code Execution Vulnerability

August 27, 2025

CVE ID : CVE-2025-34159

Published : Aug. 27, 2025, 5:15 p.m. | 8 hours, 34 minutes ago

Description : Coolify versions prior to v4.0.0-beta.420.6 are vulnerable to a remote code execution vulnerability in the application deployment workflow. The platform allows authenticated users, with low-level member privileges, to inject arbitrary Docker Compose directives during project creation. By crafting a malicious service definition that mounts the host root filesystem, an attacker can gain full root access to the underlying server.

Severity: 9.4 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-34161 – Coolify Remote Code Execution Vulnerability

Next Article CVE-2025-34157 – Coolify Stored XSS Vulnerability

Highlights

CVE-2025-8512 – TVB Big Big Shop App Android Android Application Component Export Vulnerability

August 3, 2025

CVE ID : CVE-2025-8512

Published : Aug. 3, 2025, 2:15 p.m. | 9 hours, 22 minutes ago

Description : A vulnerability, which was classified as problematic, has been found in TVB Big Big Shop App 2.9.0 on Android. This issue affects some unknown processing of the file AndroidManifest.xml of the component hk.com.tvb.bigbigshop. The manipulation leads to improper export of android application components. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 5.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Google integrates Gemini CLI into Zed code editor

10 Benefits of Integrating React.js Vibe Coding into Your Agile DevOps Pipeline

Designing For TV: The Evergreen Pattern That Shapes TV Experiences

Amplitude launches new self-service capabilities for marketing initiatives

This Vizio soundbar has impressive surround sound, and it’s on sale

DJI’s ultralight wireless Mic 3 captures great audio – even in tricky situations

OpenAI gives its voice agent superpowers to developers – look for more apps soon

T-Mobile will give you 4 free iPhone 16 phones right now – here’s how to get yours

Optimizing Laravel Livewire Performance with Computed Properties

Optimizing Laravel Livewire Performance with Computed Properties

Smart Cache Package for Laravel

This Week in Laravel: Filament 4 Videos and Pest 4 Browser Testing

Containers in 2025: Docker vs. Podman for Modern Developers

Containers in 2025: Docker vs. Podman for Modern Developers

FOSS Weekly #25.35: New Gerhwin DE, grep Command, Nitro init system, KDE Customization and More Linux Stuff

19 Beautiful Themes to Get a Better Visual Experience With VS Code

CVE-2025-34159 – Coolify Docker Compose Remote Code Execution Vulnerability

Don’t let “back to school” become “back to (cyber)bullying”

U.S. Treasury Sanctions DPRK IT-Worker Scheme, Exposing $600K Crypto Transfers and $1M+ Profits

Prompt Engineering 101: Master LLMs Like ChatGPT & Claude

Marks & Spencer Confirms Cybersecurity Incident After Days of Service Disruptions

PIM for Azure Resources

High Tide (Linux Tidal Client) Adds Gapless Playback, Replay Gain

CVE-2025-8512 – TVB Big Big Shop App Android Android Application Component Export Vulnerability

Sony WH-1000XM6 vs. Bose QuietComfort Ultra: Which headphones should you buy?

Nvidia’s 70+ projects at ICLR show how raw chip power is central to AI’s acceleration

CVE-2025-43556 – Animate Integer Overflow or Wraparound Vulnerability (Arbitrary Code Execution)

CVE-2025-34159 – Coolify Docker Compose Remote Code Execution Vulnerability

Related Posts