PT-2026-3486 · Pterodactyl · Wings
Published: 2026-01-19 · Updated: 2026-02-06 · CVE-2025-69199
CVSS v4.0: 8.3 High
Vector: AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H
Name of the Vulnerable Software and Affected Versions
Wings versions prior to 1.12.0
Description
Wings, the server control plane for Pterodactyl, is affected by an issue where websockets lack appropriate rate limiting and throttling. This allows a malicious user to establish numerous connections and request data, potentially overwhelming the host system's memory and CPU. Furthermore, there is no limit on the size of messages sent or received, enabling an attacker to open thousands of websocket connections and transmit large amounts of data, leading to network overload and increased CPU and memory usage within Wings.
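The missing controls named above (a limit on how fast a user can open connections and send requests, and a cap on message size) can be sketched as one per-user admission budget. This is an added example, not Wings code and not the 1.12.0 fix; the names `Budget`, `Take` and `AdmitFrame` and all limit values are assumptions chosen for illustration.

```go
package main

import (
	"errors"
	"fmt"
	"sync"
	"time"
)

// Assumed limits for illustration only; not values taken from Wings.
const (
	MaxMsgBytes = 32 * 1024              // largest frame accepted
	Burst       = 10                     // bucket capacity in tokens
	RefillEvery = 100 * time.Millisecond // one token regained per interval
	ConnCost    = 5                      // a new socket costs more than a frame
)

var ErrTooLarge = errors.New("message exceeds size limit")
var ErrThrottled = errors.New("rate limit exceeded")

// Budget is one user's bucket, shared by all that user's sockets. Zero value is full.
type Budget struct {
	mu   sync.Mutex
	debt time.Time // instant at which every spent token is regained
}

// Take spends cost tokens or refuses; use ConnCost before a websocket upgrade.
func (b *Budget) Take(cost int, now time.Time) error {
	b.mu.Lock()
	defer b.mu.Unlock()
	if b.debt.Before(now) {
		b.debt = now // idle long enough: the bucket is full again
	}
	next := b.debt.Add(time.Duration(cost) * RefillEvery)
	if next.Sub(now) > Burst*RefillEvery {
		return ErrThrottled
	}
	b.debt = next
	return nil
}

// AdmitFrame is checked before an inbound frame of n bytes is processed.
func (b *Budget) AdmitFrame(n int, now time.Time) error {
	if n > MaxMsgBytes {
		return ErrTooLarge // oversized frames never reach the bucket
	}
	return b.Take(1, now)
}

func main() { fmt.Println(new(Budget).AdmitFrame(MaxMsgBytes+1, time.Now())) }
```

Because the budget is keyed to the user rather than to the socket, opening more connections does not buy more throughput. In a real handler the size cap should also be set as the websocket library's read limit so an oversized frame is never buffered in the first place.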
Recommendations
Update to version 1.12.0 or later.
DoS · Resource Exhaustion · Allocation of Resources Without Limits
Affected Products
Wings