Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

1Panel-dev — Vulnerabilities & Security Advisories 44

Browse all 44 CVE security advisories affecting 1Panel-dev. AI-powered Chinese analysis, POCs, and references for each vulnerability.

1Panel-dev is an open-source, modern Linux server management tool designed to simplify the deployment and management of web applications through a graphical interface. Its architecture integrates containerization technologies, allowing users to manage databases, proxies, and monitoring services efficiently. Historically, the platform has been associated with forty-four recorded Common Vulnerabilities and Exposures (CVEs), predominantly involving remote code execution, cross-site scripting, and privilege escalation flaws. These vulnerabilities often stem from insufficient input validation in API endpoints or improper access control mechanisms within the web interface. Notable incidents include critical RCE exploits that allowed unauthenticated attackers to gain full system control, highlighting risks inherent in complex management panels. While the project actively patches these issues, the high volume of past CVEs underscores the importance of rigorous security auditing for administrators relying on this tool for critical infrastructure management.

Found 16 results / 44Clear Filters
Top products by 1Panel-dev: MaxKB 1Panel KubePi
CVE IDTitleCVSSSeverityPublished
CVE-2026-23525 1panel App Store vulnerable to Cross-site Scripting — 1PanelCWE-79 6.4 Medium2026-01-18
CVE-2025-66508 1Panel IP Access Control Bypass via Untrusted X-Forwarded-For Headers — 1PanelCWE-290 6.5 Medium2025-12-09
CVE-2025-66507 1Panel – CAPTCHA Bypass via Client-Controlled Flag — 1PanelCWE-602 7.5 High2025-12-09
CVE-2025-54424 1Panel Agent Bypasses Certificate Verification Leading to Arbitrary Command Execution — 1PanelCWE-77 8.1 High2025-08-01
CVE-2024-39911 1Panel SQL injection — 1PanelCWE-89 10.0 Critical2024-07-18
CVE-2024-39907 a sqlinjection in 1Panel — 1PanelCWE-89 9.8 Critical2024-07-18
CVE-2024-34352 Arbitrary file write vulnerability in 1Panel — 1PanelCWE-77 6.5 Medium2024-05-09
CVE-2024-30257 1Panel's password verification is suspected to have a timing attack vulnerability — 1PanelCWE-203 3.9 Low2024-04-18
CVE-2024-27288 1Panel open source panel project has an unauthorized vulnerability. — 1PanelCWE-863 6.3 Medium2024-03-06
CVE-2024-24768 1Panel set-cookie is missing the Secure keyword — 1PanelCWE-315 6.5 Medium2024-02-05
CVE-2023-39966 1Panel arbitrary file write vulnerability exists in the background — 1PanelCWE-862 7.5 High2023-08-10
CVE-2023-39965 1Panel Unauthorized access in Backend — 1PanelCWE-863 6.5 Medium2023-08-10
CVE-2023-39964 1Panel O&M management panel has a background arbitrary file reading vulnerability — 1PanelCWE-22 7.5 High2023-08-10
CVE-2023-37477 Command injection in firewall ip functionality in 1Panel — 1PanelCWE-78 7.2 High2023-07-18
CVE-2023-36457 1Panel vulnerable to command injection when adding container repositories — 1PanelCWE-77 6.3 Medium2023-07-05
CVE-2023-36458 1Panel vulnerable to ommand injection when entering the container terminal — 1PanelCWE-77 6.3 Medium2023-07-05

This page lists every published CVE security advisory associated with 1Panel-dev. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.