Skip to content
CVSS 9.1 · CRITICAL

CVE-2026-41473

CyberPanel versions prior to 2.4.4 contain an authentication bypass vulnerability in the AI Scanner worker API endpoints that allows unauthenticated remote attackers to write arbitrary data to the database by sending requests to the /api/ai-scanner/status-webhook and /api/ai-scanner/callback endpoints. Attackers can exploit the lack of authentication checks to cause denial of service through storage exhaustion, corrupt scan history records, and pollute database fields with malicious data.

View on NVD

Analysis

CyberPanel is a popular web hosting control panel used by developers to manage VPS environments. An unauthenticated API bypass with a CVSS of 9.1 that allows writing arbitrary data to the database is a critical risk for anyone hosting web services through this platform.

Severity

Score: 9.1(CRITICAL)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
AV: NETWORK
AC: LOW
PR: NONE
UI: NONE
S: UNCHANGED
C: NONE
I: HIGH
A: HIGH
Weakness (CWE): CWE-306

EPSS

Probability of exploitation (next 30 days): 0.0072 (0.7%)
Percentile: 72.5%
EPSS: 2026-05-06

Affects

cyberpanel:cyberpanel

Technical description

CyberPanel versions prior to 2.4.4 contain an authentication bypass vulnerability in the AI Scanner worker API endpoints that allows unauthenticated remote attackers to write arbitrary data to the database by sending requests to the /api/ai-scanner/status-webhook and /api/ai-scanner/callback endpoints. Attackers can exploit the lack of authentication checks to cause denial of service through storage exhaustion, corrupt scan history records, and pollute database fields with malicious data.

Published: 4/24/2026, 9:16:19 PM
Last modified: 4/28/2026, 3:44:53 PM

References

HomeEventsBlogResourcesTeam