A vulnerability classified as problematic has been found in pterodactyl panel up to 1.12.2 . Affected is an unknown function of the component Pterodactyl Client API . This manipulation causes time-of-check time-of-use. The identification of this vulnerability is CVE-2026-35202 . It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.