VDB
GO-2025-3844
GO-2025-3844
PUBLISHED
CVSS 9.300000190734863 CRITICAL
RatPanel can perform remote command execution without authorization in github.com/tnborg/panel in github.com/TheTNB/panel
Risk Scores
CVSS v4.0
9.300000190734863
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| github.com | tnb-labs/panel | 0, 0 |
| github.com | TheTNB/panel/v2 | 0, 0 |
| github.com | TheTNB/panel | 0.0.0-20241111062800-91ecd04c2700, 0.0.0-20241111062800 |
Timeline
- Aug 11, 2025 CVE Published
- Mar 3, 2026 CVE Updated
- May 1, 2026 Security Advisory
References
- https://github.com/tnborg/panel/security/advisories/GHSA-fm3m-jrgm-5ppg advisory
- https://nvd.nist.gov/vuln/detail/CVE-2025-53534 advisory
- https://github.com/tnborg/panel/commit/4985eb2e1f388ecd6faf331941c13cb97368ec1d patch
- https://github.com/tnborg/panel/commit/91ecd04c270061429f9df5ec19cd6b96a9f595f2 patch
- https://github.com/tnborg/panel/commit/ed5c74c7534230ba685273504af4c1e1e3598ff1 patch
- https://github.com/tnborg/panel/releases/tag/v2.5.6 url