Latest Cyber Security News

You are here: Home / General Cyber Security News / cPanel, WHM Release Fixes for Three New Vulnerabilities — Patch Now
May 9, 2026

cPanel has released updates to address three vulnerabilities in cPanel and Web Host Manager (WHM) that could be exploited to achieve privilege escalation, code execution, and denial-of-service.

The list of vulnerabilities is as follows –

  • CVE-2026-29201 (CVSS score: 4.3) – An insufficient input validation of the feature file name in the “feature::LOADFEATUREFILE” adminbin call that could result in an arbitrary file read.
  • CVE-2026-29202 (CVSS score: 8.8) – An insufficient input validation of the “plugin” parameter in the “create_user API” call that could result in arbitrary Perl code execution on behalf of the already authenticated account’s system user.
  • CVE-2026-29203 (CVSS score: 8.8) – An unsafe symlink handling vulnerability that allows a user to modify access permissions of an arbitrary file using chmod, resulting in denial-of-service or possible privilege escalation.

Cybersecurity

✔ Approved Seller From Our Partners
Mullvad VPN Discount

Protect your privacy by Mullvad VPN. Mullvad VPN is one of the famous brands in the security and privacy world. With Mullvad VPN you will not even be asked for your email address. No log policy, no data from you will be saved. Get your license key now from the official distributor of Mullvad with discount: SerialCart® (Limited Offer).

➤ Get Mullvad VPN with 12% Discount


The shortcomings have been patched in the following versions –

  • cPanel and WHM –
    • 11.136.0.9 and higher
    • 11.134.0.25 and higher
    • 11.132.0.31 and higher
    • 11.130.0.22 and higher
    • 11.126.0.58 and higher
    • 11.124.0.37 and higher
    • 11.118.0.66 and higher
    • 11.110.0.116 and higher
    • 11.110.0.117 and higher
    • 11.102.0.41 and higher
    • 11.94.0.30 and higher
    • 11.86.0.43 and higher
  • WP Squared –
    • 11.136.1.10 and higher

cPanel has released 110.0.114 as a direct update for customers who are still on CentOS 6 or CloudLinux 6. Users are advised to update to the latest versions for optimal protection.

While there is no evidence that the vulnerabilities have been exploited in the wild, the disclosure comes days after another critical flaw in the product (CVE-2026-41940) has been weaponized by threat actors as a zero-day to deliver Mirai botnet variants and a ransomware strain called Sorry.

Found this article interesting? Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post.


Some parts of this article are sourced from:
thehackernews.com

Reader Interactions

Leave a Reply

Your email address will not be published. Required fields are marked *