CVE-2026-26016 | Pterodactyl Panel up to 1.12.0 Configuration Data config.yml authorization

A vulnerability classified as problematic was found in Pterodactyl Panel up to 1.12.0. Impacted is an unknown function of the file /etc/pterodactyl/config.yml of the component Configuration Data Handler. Such manipulation leads to authorization bypass.

This vulnerability is traded as CVE-2026-26016. The attack may be launched remotely. There is no exploit available.

Upgrading the affected component is advised.VulDB Recent EntriesRead More