Approved changes feed: RSS · Atom

cpe:2.3:a:1panel-dev:1panel:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor1Panel Dev (f9ba1e7c-5084-57b5-b4d5-d8c0480207c1)
Product1Panel (54886773-39d9-5f3b-8a3f-3806ca71fb14)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2026-23525 vulnerable 2026-06-08 07:51:15.566559 1panel App Store vulnerable to Cross-site Scripting
MEDIUM (6.4)
1Panel is an open-source, web-based control panel for Linux server management. A stored Cross-Site Scripting (XSS) vulnerability exists in the 1Panel App Store when viewing application details. Malicious scripts can execute in the context of the user’s browser, potentially compromising session data or sensitive system interfaces. All versions of 1Panel up to and including v1.10.33-lts and v2.0.16 are affected. An attacker could publish a malicious application that, when loaded by users (locally or remotely), can execute arbitrary scripts. This may result in theft of user cookies, unauthorized access to system functions, or other actions that compromise the confidentiality, integrity, and availability of the system. The vulnerability is caused by insufficient sanitization of content rendered by the MdEditor component with the `previewOnly` attribute enabled. Specifically, the App Store renders application README content without proper XSS protection, allowing script execution during content rendering; and similar issues exist in system upgrade-related components, which can be fixed by implementing proper XSS sanitization in the MdEditor component. These vulnerabilities can be mitigated by applying proper XSS protection and sanitization when rendering content in the MdEditor component. Safe versions with a patch incorporated are v1.10.34-lts and v2.0.17.
Published: 2026-01-18T22:10:59.500Z
Updated: 2026-01-20T20:07:16.229Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-66508 vulnerable 2026-06-08 07:41:19.086730 1Panel IP Access Control Bypass via Untrusted X-Forwarded-For Headers
MEDIUM (6.5)
1Panel is an open-source, web-based control panel for Linux server management. Versions 2.0.14 and below use Gin's default configuration which trusts all IP addresses as proxies (TrustedProxies = 0.0.0.0/0), allowing any client to spoof the X-Forwarded-For header. Since all IP-based access controls (AllowIPs, API whitelists, localhost-only checks) rely on ClientIP(), attackers can bypass these protections by simply sending X-Forwarded-For: 127.0.0.1 or any whitelisted IP. This renders all IP-based security controls ineffective. This issue is fixed in version 2.0.14.
Published: 2025-12-09T01:37:10.219Z
Updated: 2025-12-09T16:03:08.608Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-66507 vulnerable 2026-06-08 07:41:19.077419 1Panel – CAPTCHA Bypass via Client-Controlled Flag
HIGH (7.5)
1Panel is an open-source, web-based control panel for Linux server management. Versions 2.0.13 and below allow an unauthenticated attacker to disable CAPTCHA verification by abusing a client-controlled parameter. Because the server previously trusted this value without proper validation, CAPTCHA protections can be bypassed, enabling automated login attempts and significantly increasing the risk of account takeover (ATO). This issue is fixed in version 2.0.14.
Published: 2025-12-09T01:25:48.140Z
Updated: 2025-12-09T16:03:18.696Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-54424 vulnerable 2026-06-08 07:33:12.584976 1Panel Agent Bypasses Certificate Verification Leading to Arbitrary Command Execution
HIGH (8.1)
1Panel is a web interface and MCP Server that manages websites, files, containers, databases, and LLMs on a Linux server. In versions 2.0.5 and below, the HTTPS protocol used for communication between the Core and Agent endpoints has incomplete certificate verification during certificate validation, leading to unauthorized interface access. Due to the presence of numerous command execution or high-privilege interfaces in 1Panel, this results in Remote Code Execution (RCE). This is fixed in version 2.0.6. The CVE has been translated from Simplified Chinese using GitHub Copilot.
Published: 2025-08-01T23:04:38.142Z
Updated: 2025-08-04T14:18:25.328Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-39911 vulnerable 2026-06-08 06:41:51.828137 1Panel SQL injection
CRITICAL (10)
1Panel is a web-based linux server management control panel. 1Panel contains an unspecified sql injection via User-Agent handling. This issue has been addressed in version 1.10.12-lts. Users are advised to upgrade. There are no known workarounds for this vulnerability.
Published: 2024-07-18T15:35:15.584Z
Updated: 2025-02-13T17:53:20.929Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-39907 vulnerable 2026-06-08 06:41:51.819923 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-34352 vulnerable 2026-06-08 06:37:33.157462 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-30257 vulnerable 2026-06-08 06:35:29.346414 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-27288 vulnerable 2026-06-08 06:31:28.424510 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-24768 vulnerable 2026-06-08 06:29:41.693441 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-39966 vulnerable 2026-06-08 06:09:38.204264 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-39965 vulnerable 2026-06-08 06:09:38.203837 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-39964 vulnerable 2026-06-08 06:09:38.203319 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-37477 vulnerable 2026-06-08 06:08:15.414104 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-36458 vulnerable 2026-06-08 06:08:11.726052 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-36457 vulnerable 2026-06-08 06:08:11.725465 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.