Panel Vulnerabilities

pip ML UI

AI Threat Alert tracks 43 known vulnerabilities in Panel, 15 rated critical — an AI/ML ml ui in the pip ecosystem. Each CVE includes CVSS severity, EPSS exploit probability, patch status, and CISO-grade analysis.

Data sources
26
Risk Score
43
Total CVEs
15
Critical
pip
Ecosystem
Jul 2, 2026
Last CVE
59%
Patch Rate
6d
Avg Time to Patch
5,708 stars 609 forks 1,120 issues 479 dependents Last push Jun 18, 2026
View on GitHub
OpenSSF Scorecard 6.6/10

Known Vulnerabilities (42 total, page 2 of 2)

Severity CVE ID Summary CVSS Published
CRITICAL CVE-2026-2586 GlassFish: authenticated RCE via admin console 9.1 May 19, 2026 HIGH CVE-2026-41234 Froxlor: DNS zone injection via unsanitized TXT record 7.6 Jun 3, 2026 HIGH GHSA-f9rx-7wf7-jr36 Froxlor: 2FA bypass via API grants full account access 8.1 Jun 3, 2026 MEDIUM CVE-2026-47745 Shopper: auth bypass enables full checkout shutdown 6.5 May 29, 2026 CRITICAL CVE-2026-47744 Shopper: RBAC bypass allows full admin takeover 9.9 May 29, 2026 MEDIUM CVE-2026-47742 Shopper: authz bypass lets any user mutate product data 6.5 May 29, 2026 HIGH CVE-2026-41235 Froxlor: shell whitelist bypass grants host shell access -- May 29, 2026 HIGH CVE-2026-41236 Froxlor: symlink-following grants customer root SSH access 8.8 May 29, 2026 MEDIUM CVE-2026-45334 Kirby CMS: auth bypass leaks admin emails via content lock -- May 27, 2026 HIGH CVE-2026-45368 Kirby CMS: Stored XSS via javascript: URI scheme bypass -- May 27, 2026 HIGH CVE-2026-44174 Kirby: unsafe reflection allows privilege escalation -- May 26, 2026 HIGH CVE-2026-44175 Kirby CMS: stored XSS in list field enables session hijack -- May 26, 2026 MEDIUM CVE-2026-44176 Kirby CMS: auth bypass exposes restricted page drafts -- May 26, 2026 MEDIUM CVE-2026-44898 mistune: XSS in TOC render via unescaped heading ID 6.1 May 14, 2026 MEDIUM CVE-2026-44899 mistune: CSS injection enables phishing UI overlay 4.7 May 14, 2026 MEDIUM CVE-2026-44897 mistune: XSS via unescaped heading id= attribute 6.1 May 9, 2026 MEDIUM CVE-2026-44708 mistune: math plugin XSS bypasses escape=True control 6.1 May 8, 2026

Showing 26–42 of 42

Frequently asked questions

What is Panel?

Panel is an AI/ML ml ui tracked by AI Threat Alert for security vulnerabilities in the pip ecosystem.

How many known vulnerabilities does Panel have?

Panel has 43 known CVEs, 15 of them critical, tracked from NVD and GitHub Advisory.

Which ecosystem is Panel distributed in?

Panel is distributed via the pip ecosystem and categorized as ml ui.

Where does the Panel vulnerability data come from?

Vulnerability data is sourced from NVD and GitHub Advisory, enriched with CVSS, EPSS, exploit signals, and patch status for each CVE.

How do I assess the risk of Panel?

Review each CVE below — every entry shows CVSS severity, EPSS exploit probability, exploitation signals, and whether a patched version is available.

Monitor Panel in your stack

Get instant alerts when new vulnerabilities affect Panel. CISO analysis, ATLAS technique mappings, and compliance reports included.

Start Monitoring