Perceptive Security
SOC/SIEM Consultancy
Dokploy is a free, self-hostable Platform as a Service (PaaS). From 0.27.0 to before 0.29.3, a hardcoded BETTER_AUTH_SECRET fallback ("better-auth-secret-123456…
Published:
28 May 2026 at 22:00:00
Alert date:
29 May 2026 at 21:09:42
Source:
nvd.nist.gov
Cloud & Virtualization, Identity & Access, Web Technologies
Critical vulnerability in Dokploy PaaS platform (versions 0.27.0 to before 0.29.3) where a hardcoded BETTER_AUTH_SECRET fallback value allows unauthenticated attackers to forge JWT tokens. Attackers can exploit this to auto-sign-in as admin and execute commands on the host system via the built-in SSH terminal. The hardcoded secret 'better-auth-secret-123456789' enables complete system compromise. This represents a severe authentication bypass vulnerability that grants administrative access to unauthorized users. The vulnerability has been patched in version 0.29.3.
Technical details
Mitigation steps:
Affected products:
Dokploy
Related links:
https://nvd.nist.gov/vuln/detail/CVE-2026-45631
https://github.com/Dokploy/dokploy/pull/4374
https://github.com/Dokploy/dokploy/security/advisories/GHSA-w3gm-rc4p-9rhj
Related CVE's:
Related threat actors:
IOC's:
better-auth-secret-123456789
This article was created with the assistance of AI technology by Perceptive.