Vulnerabilidades em 1Panel-dev
52 resultadosCVE-2024-30257LOW1Panel's password verification is suspected to have a timing attack vulnerabilityEPSS 0.4%CVE-2025-48950MEDIUMMaxKB Python Sandbox Bypass in Function LibraryEPSS 0.4%CVE-2026-39424MEDIUMMaxKB has CSV Injection in its Application Chat Export FunctionalityEPSS 0.4%CVE-2025-66446HIGHMaxKB has a Python sandbox LD_PRELOAD bypassEPSS 0.3%CVE-2026-23525MEDIUM1panel App Store vulnerable to Cross-site ScriptingEPSS 0.3%CVE-2024-24768MEDIUM1Panel set-cookie is missing the Secure keywordEPSS 0.3%CVE-2025-10433MEDIUM1Panel-dev MaxKB debug deserializationEPSS 0.3%CVE-2025-66419HIGHMaxKB vulnerable to privilege escalation through sandbox bypassEPSS 0.3%CVE-2026-44847HIGHMaxKB: Webhook Trigger Authentication BypassEPSS 0.3%CVE-2026-6106MEDIUM1Panel-dev MaxKB Public Chat static_headers_middleware.py StaticHeadersMiddleware cross site scriptingEPSS 0.3%CVE-2025-15632MEDIUM1Panel-dev MaxKB MdPreview chat.ts cross site scriptingEPSS 0.3%CVE-2026-39421MEDIUMMaxKB: Sandbox escape via ctypes and unhooked SYS_pkey_mprotectEPSS 0.3%CVE-2026-10514MEDIUM1Panel-dev CordysCRM RequestParamTrimConfig.java cross site scriptingEPSS 0.3%CVE-2026-39417MEDIUMMaxKB: RCE via MCP stdio command injection in workflow engineEPSS 0.2%CVE-2026-10567MEDIUM1Panel-dev CordysCRM ModuleFormController ModuleFormService.java save cross site scriptingEPSS 0.2%CVE-2025-32383MEDIUMMaxKB has a reverse shell vulnerability in function libraryEPSS 0.2%CVE-2026-42335MEDIUMMaxKB: SSRF Bypass in MaxKB OSS URL Fetch due to URL Parsing DiscrepancyEPSS 0.2%CVE-2025-53927MEDIUMMaxKB sandbox bypassEPSS 0.2%CVE-2026-39419LOWMaxKB: Sandbox Result Validation Bypass via Tool Output SpoofingEPSS 0.2%CVE-2026-39422MEDIUMMaxKB has Stored XSS via ChatHeadersMiddlewareEPSS 0.2%