CVE-2025-49132 | pterodactyl panel up to 1.11.10 /locales/locale.json locale/namespace code injection (GHSA-24wv-6c99-f843)

A vulnerability, which was classified as critical, was found in pterodactyl panel up to 1.11.10. This affects an unknown part of the file /locales/locale.json. The manipulation of the argument locale/namespace leads to code injection.

This vulnerability is uniquely identified as CVE-2025-49132. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More