All CosmicBytez Labs articles tagged #Self-Hosted, across news, security advisories, how-to guides, and projects.
Attackers are actively exploiting a critical authentication bypass in the official Gitea Docker image, allowing unauthenticated users to impersonate any...
A critical IDOR vulnerability in Coolify's cloneTo() Livewire action allows authenticated users to clone and take over resources across team boundaries...
A critical command injection vulnerability in Coolify's deployment pipeline allows any authenticated user with write access to execute arbitrary OS...
A Gitea flaw lets unauthenticated remote attackers pull private container images from self-hosted deployments with no account or credentials required.
Dokploy versions 0.26.6 and below contain a critical OS command injection vulnerability in the appName parameter, enabling unauthenticated remote code...
Deploy a fully self-hosted, Bitwarden-compatible password manager using Vaultwarden on Docker with Caddy reverse proxy, automatic TLS, WebSocket...
Deploy a complete self-hosted media automation system with Plex, Sonarr, Radarr, Prowlarr, and more. Includes Traefik reverse proxy, Authentik SSO, and...