VYPR
High severity (8.8) · NVD Advisory · Published May 29, 2026 · Updated May 29, 2026

CVE-2026-45662

Description

Dokploy is a free, self-hostable Platform as a Service (PaaS). In 0.29.0 and earlier, the deleteRegistry function in Dokploy (packages/server/src/services/registry.ts) executes docker logout ${response.registryUrl} without shell escaping. In the same file, the docker login command correctly uses shEscape() to prevent command injection. This inconsistency creates a command injection vulnerability when deleting a registry with a crafted registryUrl.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Dokploy 0.29.0 and earlier are vulnerable to command injection via unescaped docker logout when deleting a registry, allowing authenticated users to execute arbitrary commands on the host.

Vulnerability

In Dokploy 0.29.0 and earlier, the deleteRegistry function in packages/server/src/services/registry.ts executes docker logout ${response.registryUrl} without shell escaping, while the docker login command properly uses shEscape(). The registryUrl parameter, validated only with z.string(), allows shell metacharacters. This enables command injection when deleting a registry with a crafted registryUrl [1].

Exploitation

An authenticated user with registry management permissions can create a registry with a malicious registryUrl containing shell metacharacters (e.g., ; id > /tmp/pwned #). When the registry is deleted, the server executes the injected command as part of the docker logout command, resulting in remote code execution [1].

Impact

Successful exploitation grants the attacker arbitrary OS command execution on the Dokploy host, leading to server compromise, data exfiltration, or further lateral movement [1].

Mitigation

Not yet disclosed in the available references [1].

AI Insight generated on May 29, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products (2)

  • Dokploy/Dokploy (inferred), 2 versions: <=0.29.0 and 1 more
    • (no CPE) range: <=0.29.0
    • (no CPE) range: <=0.29.0

Patches (1)

98a586478e1b

chore: bump version to v0.29.1 in package.json

https://github.com/Dokploy/dokploy · Mauricio Siu · Apr 19, 2026 · Fixed in 0.29.1 (via release-tag)
1 file changed · +1 -1
  • apps/dokploy/package.json (+1 -1, modified)
    @@ -1,6 +1,6 @@
     {
     	"name": "dokploy",
    -	"version": "v0.29.0",
    +	"version": "v0.29.1",
     	"private": true,
     	"license": "Apache-2.0",
     	"type": "module",
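Review bot: this hunk only changes the version string in apps/dokploy/package.json from v0.29.0 to v0.29.1; the escaping fix the advisory describes, wrapping `response.registryUrl` in `shEscape()` in the `docker logout` call in packages/server/src/services/registry.ts, is not part of it. Link the commit that actually changes registry.ts as the fix commit, otherwise the version bump will be mistaken for the remediation when triaging.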
    

Vulnerability mechanics

Root cause

"Missing shell escaping in the `docker logout` command allows command injection via a crafted `registryUrl`."

Attack vector

An authenticated user with registry management permissions creates a registry with a `registryUrl` containing shell metacharacters (e.g., `;`, `|`, `$()`). The `registryUrl` is validated only with `z.string()` — no regex restriction on special characters [ref_id=1]. When the user subsequently deletes that registry, the server executes `docker logout <crafted-url>` without shell escaping, allowing the injected command to run on the Dokploy host with the privileges of the server process [ref_id=1].

Affected code

The vulnerable function is `deleteRegistry` in `packages/server/src/services/registry.ts` at line 88, which calls ``execAsync(`docker logout ${response.registryUrl}`)`` without shell escaping. The same file defines `shEscape()` on line 14 and correctly uses it for the `docker login` command (lines 24-27), making the omission in `docker logout` an inconsistency [ref_id=1].

What the fix does

The patch at commit `98a586478e1b8168fab53aefb8fce9f37cfd6aa2` only bumps the version from v0.29.0 to v0.29.1 in `package.json` [patch_id=3102115]. The advisory states that the fix should apply `shEscape()` to `response.registryUrl` in the `docker logout` command, consistent with how `docker login` is handled [ref_id=1]. The patch file included in the bundle does not contain the actual code fix — only the version bump — so the remediation described in the advisory is the authoritative guidance.
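As an added illustration (not Dokploy's code; the project's own `shEscape()` is not reproduced on this page, so `shellQuote` below is a hypothetical stand-in), the three ways the `docker logout` command can be built from a `registryUrl`: the raw interpolation the advisory flags, the escaped form it recommends, and an argument-vector form that never reaches a shell at all, plus a stricter input check than `z.string()` and a simple detector for metacharacters that survive unquoted. The commands are only constructed, never executed.

```javascript
// Added example, not code from Dokploy. shellQuote() is a hypothetical
// stand-in for the shEscape() the advisory refers to. Nothing here runs docker.

// Constructed sample inputs: the crafted registryUrl quoted in the advisory
// and a benign registry address.
const CRAFTED_URL = "; id > /tmp/pwned #";
const BENIGN_URL = "registry.example.com:5000";

// POSIX single-quote escaping: wrap in '...' and turn each embedded single
// quote into '\'' so the shell sees exactly one literal word.
function shellQuote(value) {
  return "'" + String(value).replace(/'/g, "'\\''") + "'";
}

// The vulnerable pattern: raw interpolation into a string that an exec-style
// helper will hand to /bin/sh, so ';' ends the docker command early.
function buildLogoutCommandVulnerable(registryUrl) {
  return `docker logout ${registryUrl}`;
}

// The fix the advisory describes: escape before interpolating, matching how
// the same file already builds `docker login`.
function buildLogoutCommandEscaped(registryUrl) {
  return `docker logout ${shellQuote(registryUrl)}`;
}

// Stronger alternative: an argv array for execFile("docker", argv). No shell
// is involved, so metacharacters in the URL have no special meaning.
function buildLogoutArgv(registryUrl) {
  return ["docker", "logout", registryUrl];
}

// Defence in depth: a registry URL is host[:port][/path], optionally with an
// http(s):// scheme. Whitespace and shell metacharacters are rejected.
const REGISTRY_URL_RE =
  /^(?:https?:\/\/)?[A-Za-z0-9](?:[A-Za-z0-9.-]*[A-Za-z0-9])?(?::\d{1,5})?(?:\/[A-Za-z0-9._\/-]*)?$/;

function isPlausibleRegistryUrl(value) {
  return typeof value === "string" && REGISTRY_URL_RE.test(value);
}

// Review aid for logged command lines: drop single-quoted segments, then see
// whether any shell metacharacter is left where the shell would interpret it.
function hasUnquotedMetachar(command) {
  return /[;&|`$<>(){}#\n]/.test(command.replace(/'[^']*'/g, ""));
}
```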

Preconditions

  • auth: Attacker must be an authenticated user with registry management permissions
  • network: Attacker must be able to reach the Dokploy API over the network
  • input: Attacker must supply a crafted registryUrl containing shell metacharacters

Reproduction

1. Create a registry with a malicious URL: `curl -X POST https://dokploy-instance/api/trpc/registry.create -H "Authorization: Bearer <token>" -H "Content-Type: application/json" -d '{"registryName":"evil","username":"x","password":"x","registryUrl":"; id > /tmp/pwned #","registryType":"cloud","organizationId":"<org-id>"}'` [ref_id=1]
2. Delete the registry to trigger the vulnerable `docker logout` command: `curl -X POST https://dokploy-instance/api/trpc/registry.remove -H "Authorization: Bearer <token>" -H "Content-Type: application/json" -d '{"registryId":"<registry-id>"}'` [ref_id=1]
3. The server executes `docker logout ; id > /tmp/pwned #`, writing the output of `id` to `/tmp/pwned` [ref_id=1].

Generated on May 29, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References (1)
