📦 Panel

CVE-2026-26016 is an authorization bypass vulnerability in Pterodactyl Panel's Wings control plane that allows any authenticated Wings node to access and manipulate servers belonging to other nodes. T...

This CVE describes a race condition vulnerability in Pterodactyl Panel where concurrent requests can bypass resource limits. Malicious users can create more databases, port allocations, or backups tha...

This vulnerability in Pterodactyl allows users who were actively connected via SFTP to retain file access even after their permissions are revoked. It affects administrators who manage game servers us...

This vulnerability in Pterodactyl allows attackers to reuse intercepted TOTP 2FA tokens within their 60-second validity window. Users with 2FA enabled are affected, as an attacker who captures a valid...

This vulnerability in Pterodactyl Panel allows cross-site scripting (XSS) attacks when administrators import malicious eggs or access compromised wings instances. Attackers could potentially gain admi...