1. Security Audit Flags TOFU SSH Implementation as Critical First-Connection Vulnerability
A code review conducted on May 2, 2026, has identified a critical security flaw in ssh_manager.py that exposes panel-to-server communication to man-in-the-middle attacks. The file implements Trust On First Use authentication through Python's AutoAddPolicy, which automatically accepts and stores any host key presented d...