Go modules package
github.com/1panel-dev/1panel/core
pkg:golang/github.com/1panel-dev/1panel/core
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-66507 | — | < 0.0.0-20251128030527-ac43f00273be | 0.0.0-20251128030527-ac43f00273be | Dec 9, 2025 | 1Panel is an open-source, web-based control panel for Linux server management. Versions 2.0.13 and below allow an unauthenticated attacker to disable CAPTCHA verification by abusing a client-controlled parameter. Because the server previously trusted this value without proper val | ||
| CVE-2025-54424 | — | >= 1.0.0, < 2.0.6 | 2.0.6 | Aug 1, 2025 | 1Panel is a web interface and MCP Server that manages websites, files, containers, databases, and LLMs on a Linux server. In versions 2.0.5 and below, the HTTPS protocol used for communication between the Core and Agent endpoints has incomplete certificate verification during cer |
- CVE-2025-66507Dec 9, 2025affected < 0.0.0-20251128030527-ac43f00273befixed 0.0.0-20251128030527-ac43f00273be
1Panel is an open-source, web-based control panel for Linux server management. Versions 2.0.13 and below allow an unauthenticated attacker to disable CAPTCHA verification by abusing a client-controlled parameter. Because the server previously trusted this value without proper val
- CVE-2025-54424Aug 1, 2025affected >= 1.0.0, < 2.0.6fixed 2.0.6
1Panel is a web interface and MCP Server that manages websites, files, containers, databases, and LLMs on a Linux server. In versions 2.0.5 and below, the HTTPS protocol used for communication between the Core and Agent endpoints has incomplete certificate verification during cer