{"data":{"id":"a82d11f2-91f0-4f3d-9168-16be53a835e6","title":"CVE-2025-54424: 1Panel is a web interface and MCP Server that manages websites, files, containers, databases, and LLMs on a Linux server","summary":"1Panel is a web management tool that controls websites, files, containers (isolated software environments), databases, and AI models on Linux servers. In versions 2.0.5 and earlier, the tool's HTTPS connection (encrypted communication) between its core system and agent components doesn't fully verify certificates (digital identification documents), allowing attackers to gain unauthorized access and execute arbitrary commands on the server.","solution":"Fixed in version 2.0.6. Users should update to this version or later.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2025-54424","publishedAt":"2025-08-01T23:15:24.947Z","cveId":"CVE-2025-54424","cweIds":["CWE-77"],"cvssScore":"8.1","cvssSeverity":"high","severity":"high","attackType":["other"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["1Panel"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0.00402,"patchAvailable":null,"disclosureDate":null,"capecIds":["CAPEC-88"],"crossRefCount":0,"attackSophistication":"moderate","impactType":["confidentiality","integrity","availability"],"aiComponentTargeted":"api","llmSpecific":false,"classifierConfidence":0.75,"researchCategory":null,"atlasIds":null}}