4 matches found
cPanel, WHM Release Fixes for Three New Vulnerabilities — Patch Now
cPanel has released updates to address three vulnerabilities in cPanel and Web Host Manager WHM that could be exploited to achieve privilege escalation, code execution, and denial-of-service. The list of vulnerabilities is as follows - CVE-2026-29201 CVSS score: 4.3 - An insufficient input...
CVE-2026-29203
A chmod call in the cPanel Nova plugin's Cpanel::Nova::Connector follows symlinks, allowing setting root permissions on arbitrary system files or directories. That can cause DoS or local privilege escalation when an authenticated cPanel user places a symlink at a user-controlled legacy Nova path...
CVE-2026-29203
CVE-2026-29203 affects the cPanel Nova plugin component Cpanel::Nova::Connector. A chmod call follows symlinks, enabling an authenticated cPanel user to set root permissions on arbitrary system files or directories by placing a symlink at a user-controlled legacy Nova path in their home directory...
CVE-2026-29203
creationtimestamp| type| source ---|---|--- 2026-05-08 04:00:00+00:00| seen| https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus-2026-13 2026-05-08 11:49:02+00:00| seen| https://cyber.gc.ca/en/alerts-advisories/cpanel-security-advisory-av26-437 2026-05-08 12:44:10+00:00| seen|...