CVE-2026-45631
Dokploy: Pre-Auth Admin Takeover via Hardcoded Authentication Secret
| CVSS Score | 10.0 |
| EPSS Score | 0.0% |
| EPSS Percentile | 0th |
Dokploy is a free, self-hostable Platform as a Service (PaaS). In versions from 0.27.0 up to but not including 0.29.3, the authentication layer falls back to a hardcoded BETTER_AUTH_SECRET ("better-auth-secret-123456789") when no secret is configured. Because that fallback is public, an unauthenticated attacker can forge email verification JWTs, trigger auto-sign-in as admin, and then execute commands on the host through the built-in SSH terminal. The vulnerability is fixed in 0.29.3.
| CWE | CWE-798 |
| Vendor | dokploy |
| Product | dokploy |
| Published | May 29, 2026 |
| Last Updated | Jun 1, 2026 |
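To make the CWE-798 mechanism concrete, the following is an added example, not Dokploy's source and not the better-auth library: a config loader that silently falls back to the published secret beside one that fails closed, plus a minimal HS256 JWT signer/verifier showing that anyone who knows the fallback can mint a token the server accepts. The environment variable name and the fallback string are taken from the advisory; the JWT claim names, the 32-character minimum length, the `forgeWithFallback` and `fallbackTokenAccepted` helpers and the sample subject are assumptions made for illustration only.

```typescript
import { createHmac, timingSafeEqual } from "node:crypto";
import { Buffer } from "node:buffer";

// The fallback value quoted in the advisory. Anything checked into source is public knowledge.
const HARDCODED_FALLBACK = "better-auth-secret-123456789";

type Env = Record<string, string | undefined>;

// Vulnerable pattern (illustrative, not Dokploy's actual code): an unset BETTER_AUTH_SECRET
// silently degrades to a secret every attacker can read in the repository.
function vulnerableSecret(env: Env): string {
  return env.BETTER_AUTH_SECRET || HARDCODED_FALLBACK;
}

// Hardened pattern: fail closed. Refuse to start without an explicit, sufficiently long secret,
// and refuse the known-bad value even if someone copies it into .env.
// The 32-character floor is an assumption chosen for this example.
function hardenedSecret(env: Env): string {
  const s = env.BETTER_AUTH_SECRET;
  if (!s || s.length < 32 || s === HARDCODED_FALLBACK) {
    throw new Error("BETTER_AUTH_SECRET must be set to a unique random value of at least 32 characters");
  }
  return s;
}

// Minimal HS256 JWT: base64url(header).base64url(payload).base64url(HMAC-SHA256(secret, header.payload))
function b64url(data: string | Buffer): string {
  return Buffer.from(data).toString("base64url");
}

function signJwt(payload: Record<string, unknown>, secret: string): string {
  const header = b64url(JSON.stringify({ alg: "HS256", typ: "JWT" }));
  const body = b64url(JSON.stringify(payload));
  const signingInput = `${header}.${body}`;
  const sig = createHmac("sha256", secret).update(signingInput).digest("base64url");
  return `${signingInput}.${sig}`;
}

// Returns the payload when the signature verifies under `secret` and the token is unexpired, else null.
function verifyJwt(token: string, secret: string): Record<string, unknown> | null {
  const parts = token.split(".");
  if (parts.length !== 3) return null;
  const [header, body, sig] = parts as [string, string, string];
  const expected = createHmac("sha256", secret).update(`${header}.${body}`).digest();
  const given = Buffer.from(sig, "base64url");
  // Length check first: timingSafeEqual throws on mismatched lengths.
  if (given.length !== expected.length || !timingSafeEqual(given, expected)) return null;
  const payload = JSON.parse(Buffer.from(body, "base64url").toString("utf8"));
  if (typeof payload.exp === "number" && payload.exp <= Math.floor(Date.now() / 1000)) return null;
  return payload;
}

// Attacker side: mint a token with the public fallback secret. The claim names are
// illustrative only and are not Dokploy's actual token format.
function forgeWithFallback(subject: string): string {
  const now = Math.floor(Date.now() / 1000);
  return signJwt(
    { sub: subject, purpose: "email-verification", iat: now, exp: now + 3600 },
    HARDCODED_FALLBACK,
  );
}

// Does a server whose secret comes from `loader(env)` accept a token forged with the fallback?
// A loader that refuses to start counts as "not accepted": there is nothing to attack.
function fallbackTokenAccepted(env: Env, loader: (env: Env) => string): boolean {
  let secret: string;
  try {
    secret = loader(env);
  } catch {
    return false;
  }
  return verifyJwt(forgeWithFallback("admin@example.com"), secret) !== null;
}
```

The operator check this implies is simple: on an affected build, confirm that BETTER_AUTH_SECRET is explicitly set to a unique random value (not unset, and not the string above) and upgrade to 0.29.3. Note that the vulnerable loader also accepts a forged token whenever the variable is merely empty, since `||` treats an empty string as missing.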
CVSS v3 Breakdown
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
| Attack Vector | Network |
| Attack Complexity | Low |
| Privileges Required | None |
| User Interaction | None |
| Scope | Changed |
| Confidentiality | High |
| Integrity | High |
| Availability | High |
Affected Versions
| Dokploy / dokploy | >= 0.27.0, < 0.29.3 |