AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

GHSA-hr7j-63v7-vj7g: Pterodactyl Panel's SFTP sessions remain active after user account deletion or password change

highvulnerability

security

Source: GitHub Advisory DatabaseFebruary 17, 2026

Summary

Pterodactyl Panel has a security flaw where SFTP sessions (file transfer connections) stay active even after a user account is deleted or their password is changed, allowing continued access to server files with revoked credentials. This prevents administrators from immediately stopping access when they suspect a security breach, potentially allowing unauthorized people to read, modify, or delete files.

Classification

Attack SophisticationTrivial

Affected Vendors

Affected Packages

github.com/pterodactyl/wings@< 1.12.1 (fixed: 1.12.1)pterodactyl/panel@< 1.12.1 (fixed: 1.12.1)

Original source: https://github.com/advisories/GHSA-hr7j-63v7-vj7g

First tracked: February 17, 2026 at 02:12 PM

Classified by LLM (prompt v3) · confidence: 95%