Lucene search
K

4 matches found

The Hacker News
The Hacker News
added 2026/05/09 7:16 a.m.13 views

cPanel, WHM Release Fixes for Three New Vulnerabilities — Patch Now

cPanel has released updates to address three vulnerabilities in cPanel and Web Host Manager WHM that could be exploited to achieve privilege escalation, code execution, and denial-of-service. The list of vulnerabilities is as follows - CVE-2026-29201 CVSS score: 4.3 - An insufficient input...

8.8CVSS6.3AI score0.0083EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/05/08 6:51 p.m.5 views

CVE-2026-29203

A chmod call in the cPanel Nova plugin's Cpanel::Nova::Connector follows symlinks, allowing setting root permissions on arbitrary system files or directories. That can cause DoS or local privilege escalation when an authenticated cPanel user places a symlink at a user-controlled legacy Nova path...

8.8CVSS5.9AI score0.00493EPSS
Exploits0References2Affected Software3
CVE
CVE
added 2026/05/08 6:51 p.m.19 views

CVE-2026-29203

CVE-2026-29203 affects the cPanel Nova plugin component Cpanel::Nova::Connector. A chmod call follows symlinks, enabling an authenticated cPanel user to set root permissions on arbitrary system files or directories by placing a symlink at a user-controlled legacy Nova path in their home directory...

8.8CVSS5.9AI score0.00493EPSS
Exploits0References1
Circl
Circl
added 2026/05/08 4:0 a.m.30 views

CVE-2026-29203

creationtimestamp| type| source ---|---|--- 2026-05-08 04:00:00+00:00| seen| https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus-2026-13 2026-05-08 11:49:02+00:00| seen| https://cyber.gc.ca/en/alerts-advisories/cpanel-security-advisory-av26-437 2026-05-08 12:44:10+00:00| seen|...

8.8CVSS5.4AI score0.00493EPSS
Exploits0References14
Rows per page
Query Builder