Browse all 44 CVE security advisories affecting 1Panel-dev. AI-powered Chinese analysis, POCs, and references for each vulnerability.
1Panel-dev is an open-source, modern Linux server management tool designed to simplify the deployment and management of web applications through a graphical interface. Its architecture integrates containerization technologies, allowing users to manage databases, proxies, and monitoring services efficiently. Historically, the platform has been associated with forty-four recorded Common Vulnerabilities and Exposures (CVEs), predominantly involving remote code execution, cross-site scripting, and privilege escalation flaws. These vulnerabilities often stem from insufficient input validation in API endpoints or improper access control mechanisms within the web interface. Notable incidents include critical RCE exploits that allowed unauthenticated attackers to gain full system control, highlighting risks inherent in complex management panels. While the project actively patches these issues, the high volume of past CVEs underscores the importance of rigorous security auditing for administrators relying on this tool for critical infrastructure management.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-36111 | KubePi's JWT token validation has a defect — KubePiCWE-1259 | 6.3 | Medium | 2024-07-25 |
| CVE-2023-37916 | Leak password hash of any user — KubePiCWE-200 | 6.5 | Medium | 2023-07-21 |
| CVE-2023-37917 | Privilege Escalation in kubepi — KubePiCWE-269 | 9.1 | Critical | 2023-07-21 |
This page lists every published CVE security advisory associated with 1Panel-dev. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.