Every CVE whose affected-product data names Pterodactyl Panel, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (9)
CVE-2026-26016 — CVSS 8.1 (high): Wings is the server control plane for Pterodactyl, a free, open-source game server management panel. Prior to version 1.12.1, a missing…
CVE-2021-41129 — CVSS 8.1 (high): Pterodactyl is an open-source game server management panel built with PHP 7, React, and Go. A malicious user can modify the contents of a…
CVE-2025-69197 — CVSS 6.5 (medium): Pterodactyl is a free, open-source game server management panel. Versions 1.11.11 and below allow TOTP to be used multiple times during its…
CVE-2025-69198 — CVSS 6.5 (medium): Pterodactyl is a free, open-source game server management panel. Pterodactyl implements rate limits that are applied to the total number of…
CVE-2024-34067 — CVSS 6.1 (medium): Pterodactyl is a free, open-source game server management panel built with PHP, React, and Go. Importing a malicious egg or gaining access…
CVE-2025-68954 — CVSS 5.4 (medium): Pterodactyl is a free, open-source game server management panel. Versions 1.11.11 and below do not revoke active SFTP connections when a…
CVE-2021-41273 — CVSS 4.3 (medium): Pterodactyl is an open-source game server management panel built with PHP 7, React, and Go. Due to improperly configured CSRF protections…
CVE-2021-41176 — CVSS 4.3 (medium): Pterodactyl is an open-source game server management panel built with PHP 7, React, and Go. In affected versions of Pterodactyl a malicious…