CVE-2026-45408: Dokku: OS Command Injection via App Name in Git Pre-Receive Hook
Dokku is a docker-powered PaaS. Prior to 0.38.2, the app name validation regex (^[a-z0-9][^/:_A-Z]*$) permits shell metacharacters. When an authenticated user pushes to a git remote with a crafted app name, the name is embedded unquoted into a bash pre-receive hook script via an unquoted heredoc (<<EOF instead of <<'EOF') in fn-git-create-hook() at plugins/git/internal-functions:378. On git push, bash interprets the semicolon as a command separator, executing arbitrary commands as the dokku user. This vulnerability is fixed in 0.38.2.
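To make the mechanism concrete, the following bash script is an added example and not Dokku's own code: it reproduces the unquoted-heredoc pattern with a stand-in hook body, shows that an app name the advisory's regex accepts becomes shell syntax when the generated hook runs, and contrasts a hardened generator that validates against a strict allow-list and writes the hook with a quoted heredoc plus a printf %q escaped assignment. Only WEAK_APP_RE is quoted from the advisory; the function names, STRICT_APP_RE, the hook body and the payload are hypothetical.

```bash
#!/usr/bin/env bash
# Added example, not Dokku's code. Models the unquoted-heredoc hook generation
# described in the advisory and a hardened variant. All names except
# WEAK_APP_RE (quoted from the advisory) are hypothetical.
set -u

# App name regex from the advisory: it rejects only '/', ':', '_' and
# uppercase, so ';', spaces, '$', backticks and '|' all pass.
WEAK_APP_RE='^[a-z0-9][^/:_A-Z]*$'
# Hypothetical strict allow-list for a hardened validator.
STRICT_APP_RE='^[a-z0-9][a-z0-9.-]*$'

# Returns 0 when NAME matches the extended regex RE.
app_name_matches() {
  local re="$1" name="$2"
  [[ "$name" =~ $re ]]
}

# Vulnerable generator: the heredoc delimiter is unquoted, so $app is expanded
# when the hook file is written and the name lands in the script as code.
write_hook_vulnerable() {
  local app="$1" hook="$2"
  cat > "$hook" <<EOF
#!/usr/bin/env bash
echo "deploying app" $app
EOF
  chmod +x "$hook"
}

# Hardened generator: reject anything outside the allow-list, then write the
# body with a quoted heredoc (no expansion at creation time). The name is
# embedded only as a printf %q shell-escaped assignment, as defence in depth.
write_hook_hardened() {
  local app="$1" hook="$2"
  app_name_matches "$STRICT_APP_RE" "$app" || return 1
  {
    printf '#!/usr/bin/env bash\napp=%q\n' "$app"
    cat <<'EOF'
echo "deploying app $app"
EOF
  } > "$hook"
  chmod +x "$hook"
}

# Generates a hook for NAME with GENERATOR, runs it from an empty temp dir and
# returns 0 if the injected 'touch pwned' created a marker file there.
injection_fires() {
  local generator="$1" name="$2" dir hook rc=1
  dir=$(mktemp -d) || return 2
  hook="$dir/pre-receive"
  if "$generator" "$name" "$hook"; then
    (cd "$dir" && bash ./pre-receive >/dev/null 2>&1)
  fi
  [ -e "$dir/pwned" ] && rc=0
  rm -rf "$dir"
  return "$rc"
}

# Constructed payload: passes the weak regex, contains ';' and a space.
PAYLOAD='demo;touch pwned'

if [ "${BASH_SOURCE[0]:-$0}" = "$0" ]; then
  app_name_matches "$WEAK_APP_RE" "$PAYLOAD" && echo "weak regex accepts: $PAYLOAD"
  injection_fires write_hook_vulnerable "$PAYLOAD" && echo "vulnerable hook ran the injected command"
  injection_fires write_hook_hardened "$PAYLOAD" || echo "hardened generator rejected the name; nothing ran"
fi
```

Run it as a plain script: the first generator writes `echo "deploying app" demo;touch pwned` into the hook, which bash executes as two commands; the hardened generator never writes a hook for that name, and even for an accepted name the quoted heredoc leaves `$app` to be resolved at run time from the escaped assignment.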
Metrics
- CVSS v3.1: 9.0
- Severity: CRITICAL
- Fixed in: 0.38.2
- Affected Products: 1
HarborGuard Analysis
Synopsis
OS command injection in Dokku, the Docker-powered PaaS, lets any authenticated user, without administrator rights, run arbitrary commands on the host by pushing to a Git remote whose app name contains shell metacharacters. The flaw is reachable over the network and needs only a low-privilege account and a single Git push; the CVSS vector records UI:R, but the interaction in question is the attacker's own push, so no separate victim has to act. The result is code execution as the dokku system user, with full impact on confidentiality, integrity, and availability. A patched-image rebuild at version 0.38.2 is available on HarborGuard for environments running an affected version.
HarborGuard Coverage
Detection of CVE-2026-45408 is available across every HarborGuard environment: the CVE is ingested from upstream advisory feeds within minutes of publication and matched against customer images, including custom-built images that bundle Dokku, in both registry scans and CI pipeline checks.
Status: Available
HarborGuard scores this CVE at CVSS 9.0 Critical and surfaces it accordingly in each customer organization's vulnerability queue; per-environment compliance policy weighting adjusts priority based on configured risk thresholds and routes the finding to the correct team inbox automatically.
Status: Available
Because the upstream fix is published at version 0.38.2, a patched-image rebuild at that version is available on HarborGuard for any environment where an affected image is detected. For customers who opt into auto-remediation, HarborGuard performs the rebuild, runs a regression test suite, and opens a pull request against the affected workloads.
Status: Pending upstream
Exploit Conditions
- Network reachability: Required. The attacker must reach the Dokku Git service over the network to send the malicious push.
- Authentication: Required. Any low-privilege Dokku account is sufficient; no administrator credentials are needed.
- Victim interaction: Required (UI:R in the vector). The triggering action is the Git push that runs the vulnerable pre-receive hook, and that push is performed by the attacker, so no separate victim needs to act.
- Attack complexity: Low (AC:L). Exploitation is reliable and condition-free: inserting shell metacharacters into the app name requires no race condition or special memory layout.
Blast Radius
- The attacker executes arbitrary OS commands as the dokku user, giving them a shell on the host: not root, but the account that owns every deployed app's data and repositories on that host.
- All application data, environment variables, and secrets stored on the Dokku host are readable by the attacker.
- The attacker can modify or delete deployed application containers, persisted volumes, and Git repositories hosted on the instance.
- The attacker can terminate running containers or exhaust host resources, taking down all applications hosted on the Dokku instance.
How HarborGuard Handles This
Available on HarborGuard: images containing Dokku below version 0.38.2 are flagged as soon as the CVE is ingested, typically within minutes of publication. For customers who opt into auto-remediation, HarborGuard rebuilds the affected image at version 0.38.2, runs a regression test pass, and opens a pull request against affected workloads; median time from CVE publication to merged patch PR for critical-severity issues is around 90 minutes in environments with auto-remediation enabled. Where compliance policy requires manual approval, the finding is routed to the designated team inbox with the CVSS 9.0 score and full vector context attached. Given the critical severity and the concrete command-injection path through Git push, treating this as an urgent patch cycle is warranted for any environment exposing a Dokku Git endpoint.
Affected Products
- dokku/dokku < 0.38.2
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H