pterodactyl/panel Security Advisories for v1.9.1 (3)
-
[CRITICAL] Pterodactyl Panel Allows Unauthenticated Arbitrary Remote Code Execution
PKSA-7fcd-gcsm-y5fk CVE-2025-49132 GHSA-24wv-6c99-f843
Affected version: <=1.11.10
Reported by:
GitHub -
[MEDIUM] Pterodactyl Panel has plain-text logging of user passwords when two-factor authentication is disabled
PKSA-r7r5-9g2g-bhnx CVE-2024-49762 GHSA-c479-wq8g-57hr
Affected version: <1.11.8
Reported by:
GitHub -
[MEDIUM] Pterodactyl panel's admin area vulnerable to Cross-site Scripting
PKSA-w7w4-x3d5-y8hz CVE-2024-34067 GHSA-384w-wffr-x63q
Affected version: <1.11.6
Reported by:
GitHub