CVE-2026-32992

🗓️ 13 May 2026 22:06:04Reported by hackeroneType

CVE-2026-32992: SSL verification is disabled in the Domain Cluster, enabling man in the middle attacks and credential theft.

Reporter	Title	Published	Views	Family All 9
ATTACKERKB	CVE-2026-32992	13 May 202622:06	–	attackerkb
Circl	CVE-2026-32992	14 May 202601:21	–	circl
CNNVD	cPanel 信任管理问题漏洞	13 May 202600:00	–	cnnvd
CVE	CVE-2026-32992	13 May 202622:06	–	cve
EUVD	EUVD-2026-30180	14 May 202600:31	–	euvd
NVD	CVE-2026-32992	13 May 202622:16	–	nvd
Positive Technologies	PT-2026-40439	12 May 202600:00	–	ptsecurity
RedhatCVE	CVE-2026-32992	5 Jun 202619:20	–	redhatcve
Vulnrichment	CVE-2026-32992	13 May 202622:06	–	vulnrichment

[
  {
    "defaultStatus": "unaffected",
    "vendor": "WebPros",
    "product": "cPanel",
    "versions": [
      {
        "version": "11.136.0.0",
        "status": "affected",
        "lessThan": "11.136.0.10",
        "versionType": "semver"
      },
      {
        "version": "11.134.0.0",
        "status": "affected",
        "lessThan": "11.134.0.26",
        "versionType": "semver"
      },
      {
        "version": "11.132.0.0",
        "status": "affected",
        "lessThan": "11.132.0.32",
        "versionType": "semver"
      },
      {
        "version": "11.130.0.0",
        "status": "affected",
        "lessThan": "11.130.0.23",
        "versionType": "semver"
      },
      {
        "version": "11.126.0.0",
        "status": "affected",
        "lessThan": "11.126.0.59",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "vendor": "WebPros",
    "product": "WP Squared",
    "versions": [
      {
        "version": "11.126.1.0",
        "status": "affected",
        "lessThan": "11.136.1.12",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
support	www.support.cpanel.net/hc/en-us/articles/40437241987607-Security-CVE-2026-32992-cPanel-WHM-WP2-Security-Update-May-13-2026

13 May 2026 22:06Current

CVSS 3.18.2

EPSS0.00252

CWE-295