Aapanel CVEs & Vulnerabilities
3 CVEs affecting Aapanel products, tracked from the National Vulnerability Database, with CVSS/EPSS scores and exploitation status.
3 CVEs→ All vendors
Most Affected Products
aapanel 3
CVE-2026-29859CRITICAL
An arbitrary file upload vulnerability in aaPanel v7.57.0 allows attackers to execute arbitrary code via uploading a crafted file.
18 Mar 2026
9.8
CVSS
CVE-2026-29858HIGH
A lack of path validation in aaPanel v7.57.0 allows attackers to execute a local file inclusion (LFI), leadingot sensitive information exposure.
18 Mar 2026
7.5
CVSS
CVE-2026-29856HIGH
An issue in the VirtualHost configuration handling/parser component of aaPanel v7.57.0 allows attackers to cause a Regular Expression Denial of Service (ReDoS) via a crafted input.
18 Mar 2026
7.5
CVSS
← PrevPage 1 / 1Next →