Vulnerability Report: GO-2026-4318
- CVE-2025-66292, GHSA-vh2x-fw87-4fxq
- Affects: github.com/donknap/dpanel
- Published: Jan 23, 2026
DPanel has an arbitrary file deletion vulnerability in /api/common/attach/delete interface in github.com/donknap/dpanel
For detailed information about this vulnerability, visit https://github.com/donknap/dpanel/security/advisories/GHSA-vh2x-fw87-4fxq or https://nvd.nist.gov/vuln/detail/CVE-2025-66292.
Affected Packages
-
PathVersionsSymbols
Aliases
References
- https://github.com/donknap/dpanel/security/advisories/GHSA-vh2x-fw87-4fxq
- https://nvd.nist.gov/vuln/detail/CVE-2025-66292
- https://github.com/donknap/dpanel/commit/cbda0d90204e8212f2010774345c952e42069119
- https://github.com/donknap/dpanel/releases/tag/v1.9.2
- https://vuln.go.dev/ID/GO-2026-4318.json
Feedback
See anything missing or incorrect?
Suggest an edit to this report.