CVE-2026-21696 unknown —
—
4mo ago
Pterodactyl endlessly reprocesses/reuploads activity log data due to SQLite max parameters limit not being considered in github.com/pterodactyl/wings
golang
CVE-2025-69199 unknown —
—
4mo ago
Pterodactyl websocket endpoints have no visible rate limits or monitoring, allowing for DOS attacks in github.com/pterodactyl/wings
golang
CVE-2025-68954 unknown —
—
5mo ago
Pterodactyl does not revoke SFTP access when server is deleted or permissions reduced
php golang
CVE-2024-34068 unknown —
—
2y ago
Pterodactyl Wings vulnerable to Server-Side Request Forgery during remote file pull in github.com/pterodactyl/wings
golang
CVE-2024-34066 unknown —
—
2y ago
Pterodactyl Wings vulnerable to Arbitrary File Write/Read in github.com/pterodactyl/wings
golang
CVE-2024-27102 unknown —
—
2y ago
Pterodactyl Wings vulnerable to improper isolation of server file access in github.com/pterodactyl/wings
golang
CVE-2023-32080 unknown —
—
3y ago
Wings vulnerable to escape to host from installation container in github.com/pterodactyl/wings
golang
CVE-2023-25168 unknown —
—
3y ago
Pterodactyl Wings contains UNIX Symbolic Link (Symlink) Following resulting in deletion of files and directories on the host system in github.com/pterodactyl/wings
golang
CVE-2023-25152 unknown —
—
3y ago
Pterodactyl Wings contains UNIX Symbolic Link (Symlink) Following in github.com/pterodactyl/wings
golang
CVE-2021-32699 unknown —
—
5y ago
Asymmetric Resource Consumption (Amplification) in Docker containers created by Wings in github.com/pterodactyl/wings
golang