VYPR

Wings

by Pterodactyl

Source repositories

CVEs (9)

  • CVE-2026-21696Jan 19, 2026
    risk 0.00cvss epss 0.00

    Wings is the server control plane for Pterodactyl, a free, open-source game server management panel. Starting in version 1.7.0 and prior to version 1.12.0, Wings does not consider SQLite max parameter limit when processing activity log entries allowing for low privileged user to…

  • CVE-2025-69199Jan 19, 2026
    risk 0.00cvss epss 0.00

    Wings is the server control plane for Pterodactyl, a free, open-source game server management panel. Prior to version 1.12.0, websockets within wings lack proper rate limiting and throttling. As a result a malicious user can open a large number of connections and then request…

  • CVE-2024-34066May 3, 2024
    risk 0.00cvss epss 0.01

    Pterodactyl wings is the server control plane for Pterodactyl Panel. If the Wings token is leaked either by viewing the node configuration or posting it accidentally somewhere, an attacker can use it to gain arbitrary file write and read access on the node the token is…

  • CVE-2024-34068May 3, 2024
    risk 0.00cvss epss 0.00

    Pterodactyl wings is the server control plane for Pterodactyl Panel. An authenticated user who has access to a game server is able to bypass the previously implemented access control (GHSA-6rg3-8h8x-5xfv) that prevents accessing internal endpoints of the node hosting Wings in…

  • CVE-2024-27102Mar 13, 2024
    risk 0.00cvss epss 0.01

    Wings is the server control plane for Pterodactyl Panel. This vulnerability impacts anyone running the affected versions of Wings. The vulnerability can potentially be used to access files and directories on the host system. The full scope of impact is exactly unknown, but…

  • CVE-2023-32080May 10, 2023
    risk 0.00cvss epss 0.01

    Wings is the server control plane for Pterodactyl Panel. A vulnerability affecting versions prior to 1.7.5 and versions 1.11.0 prior to 1.11.6 impacts anyone running the affected versions of Wings. This vulnerability can be used to gain access to the host system running Wings…

  • CVE-2023-25168Feb 8, 2023
    risk 0.00cvss epss 0.01

    Wings is Pterodactyl's server control plane. This vulnerability can be used to delete files and directories recursively on the host system. This vulnerability can be combined with `GHSA-p8r3-83r8-jwj5` to overwrite files on the host system. In order to use this exploit, an…

  • CVE-2023-25152Feb 8, 2023
    risk 0.00cvss epss 0.01

    Wings is Pterodactyl's server control plane. Affected versions are subject to a vulnerability which can be used to create new files and directory structures on the host system that previously did not exist, potentially allowing attackers to change their resource allocations,…

  • CVE-2021-32699Jun 22, 2021
    risk 0.00cvss epss 0.00

    Wings is the control plane software for the open source Pterodactyl game management system. All versions of Pterodactyl Wings prior to `1.4.4` are vulnerable to system resource exhaustion due to improper container process limits being defined. A malicious user can consume more…