Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now

1Panel — Vulnerabilities & Security Advisories 20

All 20 CVE vulnerabilities found in 1Panel, with AI-generated Chinese analysis, references, and POCs.

Vendor: 1Panel-dev

CVE IDTitleCVSSSeverityPaused
CVE-2026-23525 1panel App Store vulnerable to Cross-site Scripting CWE-79 6.4 Medium2026-01-18
CVE-2025-34429 1Panel CSRF Web Port Configuration Change CWE-352 7.1AIHighAI2025-12-10
CVE-2025-34430 1Panel CSRF Panel Name Modification CWE-352 4.3AIMediumAI2025-12-10
CVE-2025-34410 1Panel CSRF in Change Username Functionality Allows Account Lockout CWE-352 6.5AIMediumAI2025-12-10
CVE-2025-66508 1Panel IP Access Control Bypass via Untrusted X-Forwarded-For Headers CWE-290 6.5 Medium2025-12-09
CVE-2025-66507 1Panel – CAPTCHA Bypass via Client-Controlled Flag CWE-602 7.5 High2025-12-09
CVE-2025-54424 1Panel Agent Bypasses Certificate Verification Leading to Arbitrary Command Execution CWE-77 8.1 High2025-08-01
CVE-2024-39911 1Panel SQL injection CWE-89 10.0 Critical2024-07-18
CVE-2024-39907 a sqlinjection in 1Panel CWE-89 9.8 Critical2024-07-18
CVE-2024-34352 Arbitrary file write vulnerability in 1Panel CWE-77 6.5 Medium2024-05-09
CVE-2024-30257 1Panel's password verification is suspected to have a timing attack vulnerability CWE-203 3.9 Low2024-04-18
CVE-2024-2352 1Panel swap baseApi.UpdateDeviceSwap command injection CWE-77 6.3 Medium2024-03-10
CVE-2024-27288 1Panel open source panel project has an unauthorized vulnerability. CWE-863 6.3 Medium2024-03-06
CVE-2024-24768 1Panel set-cookie is missing the Secure keyword CWE-315 6.5 Medium2024-02-05
CVE-2023-39966 1Panel arbitrary file write vulnerability exists in the background CWE-862 7.5 High2023-08-10
CVE-2023-39965 1Panel Unauthorized access in Backend CWE-863 6.5 Medium2023-08-10
CVE-2023-39964 1Panel O&M management panel has a background arbitrary file reading vulnerability CWE-22 7.5 High2023-08-10
CVE-2023-37477 Command injection in firewall ip functionality in 1Panel CWE-78 7.2 High2023-07-18
CVE-2023-36457 1Panel vulnerable to command injection when adding container repositories CWE-77 6.3 Medium2023-07-05
CVE-2023-36458 1Panel vulnerable to ommand injection when entering the container terminal CWE-77 6.3 Medium2023-07-05

All 20 known CVE vulnerabilities affecting 1Panel with full Chinese analysis, references, and POCs where available.