CVE Catalog

CVE-2026-27882

MediumCVSS 4.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.15%

4th percentile — higher than 4% of all known CVEs

Summary

Coolify prior to version 4.0.0-beta.461 uses a non-constant-time string comparison operator (!==) to validate the GitLab webhook secret token. This allows an attacker to gradually discover the secret token by measuring response time differences (timing attack).

Risk Assessment

An attacker could discover the GitLab webhook secret token, enabling them to impersonate legitimate requests and potentially take control of managed applications or data.

Recommendation

Immediately update Coolify to version 4.0.0-beta.461 or later, which includes a fix that eliminates the timing attack vulnerability.

Original NVD description (English source)

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.461, the GitLab webhook endpoint uses a non-constant-time string comparison operator (!==) to validate the webhook secret token. This implementation is vulnerable to timing attacks, which could allow an attacker to gradually discover the secret token by measuring response time differences. This vulnerability is fixed in 4.0.0-beta.461.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS