Github.com/1panel-dev/1panel

This hub aggregates every CVE we track for Github.com/1panel-dev/1panel, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Github.com/1panel-dev/1panel.

• CVE-2025-344291Panel CSRF Web Port Configuration Change7.1Dec 10, 2025
• CVE-2025-344301Panel CSRF Panel Name Modification4.3Dec 10, 2025
• CVE-2025-344101Panel CSRF in Change Username Functionality Allows Account Lockout7.1Dec 10, 2025
• CVE-2025-665081Panel IP Access Control Bypass via Untrusted X-Forwarded-For Headers6.5Dec 9, 2025
• CVE-2025-665071Panel – CAPTCHA Bypass via Client-Controlled Flag7.5Dec 9, 2025
• CVE-2024-39907a sqlinjection in 1Panel 9.8Jul 18, 2024
• CVE-2024-34352Arbitrary file write vulnerability in 1Panel 6.5May 9, 2024
• CVE-2024-302571Panel's password verification is suspected to have a timing attack vulnerability3.9Apr 18, 2024
• CVE-2024-23521Panel swap baseApi.UpdateDeviceSwap command injection6.3Mar 10, 2024
• CVE-2024-272881Panel open source panel project has an unauthorized vulnerability.6.3Mar 6, 2024
• CVE-2024-247681Panel set-cookie is missing the Secure keyword6.5Feb 5, 2024
• CVE-2023-399661Panel arbitrary file write vulnerability exists in the background7.5Aug 10, 2023
• CVE-2023-399651Panel Unauthorized access in Backend6.5Aug 10, 2023
• CVE-2023-399641Panel O&M management panel has a background arbitrary file reading vulnerability7.5Aug 10, 2023
• CVE-2023-37477Command injection in firewall ip functionality in 1Panel7.2Jul 18, 2023