Back

Multiple Vulnerabilities in cPanel & WHM Posed Security Risks

Severity: High (Score: 74.0)

Sources: support.cpanel.net

Summary

On May 8, 2026, cPanel & WHM released patches for three critical vulnerabilities: CVE-2026-29201, CVE-2026-29202, and CVE-2026-29203. CVE-2026-29201 allows arbitrary file reads due to inadequate validation in the LOADFEATUREFILE call. CVE-2026-29202 involves a Perl code injection in the create_user API, while CVE-2026-29203 permits unsafe symlink handling, enabling users to change permissions on arbitrary files. These vulnerabilities affect all versions of cPanel & WHM, particularly impacting users on CentOS 6 or CloudLinux 6. The patches are available, and users are urged to update immediately to mitigate potential risks. The vulnerabilities could lead to denial of service, privilege escalation, and unauthorized access to sensitive files. All affected systems should verify their cPanel versions post-update to ensure security compliance. Key Points: • cPanel & WHM released patches for three critical vulnerabilities on May 8, 2026. • CVE-2026-29201 allows arbitrary file reads, CVE-2026-29202 involves Perl code injection, and CVE-2026-29203 enables unsafe symlink handling. • Users are strongly advised to update their systems to the latest versions to mitigate risks.

Key Entities

  • Zero-day Exploit (attack_type)
  • CVE-2026-29201 (cve)
  • CVE-2026-29202 (cve)
  • CVE-2026-29203 (cve)
  • CWE-200 - Exposure of Sensitive Information (cwe)
  • CWE-269 - Improper Privilege Management (cwe)
  • CWE-94 - Code Injection (cwe)
  • T1059 - Command and Scripting Interpreter (mitre_attack)
  • T1068 - Exploitation for Privilege Escalation (mitre_attack)
  • CentOS (platform)
  • CentOS 6 (platform)
  • CloudLinux 6 (platform)
  • CPanel & WHM (platform)
  • WP Squared (platform)
  • CloudLinux (company)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed