[CIVN-2026-0233] Multiple Vulnerabilities in cPanel & WHM (WP2)

Published On: May 14, 2026


Indian – Computer Emergency Response Team (https://www.cert-in.org.in)


Severity Rating: HIGH


Systems Affected


cPanel & WHM (Web Host Manager) versions:

prior to 11.136.0.9

prior to 11.134.0.25

prior to 11.132.0.31

prior to 11.130.0.22 

prior to 11.126.0.58 

prior to 11.124.0.37 

prior to 11.118.0.66  

prior to 11.110.0.117 

prior to 11.102.0.41 

prior to 11.94.0.30 

prior to 11.86.0.43

WP Squared version prior to 11.136.1.11
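
A version check built from the list above, as an added example that is not part of the CERT-In advisory or the vendor's tooling. It compares an installed version with the fixed build of its own release tier. The product labels, status strings, sample host names and the handling of three-part version strings are assumptions made for illustration.

```python
import re

# Fixed builds per release tier, copied from "Systems Affected" in this advisory.
FIXED = {
    "cpanel": ["11.136.0.9", "11.134.0.25", "11.132.0.31", "11.130.0.22",
               "11.126.0.58", "11.124.0.37", "11.118.0.66", "11.110.0.117",
               "11.102.0.41", "11.94.0.30", "11.86.0.43"],
    "wp2": ["11.136.1.11"],  # WP Squared
}

def parse(version):
    """'11.130.0.22' -> (11, 130, 0, 22). Assumption: a three-part string
    such as '130.0.22' is the same version written without the leading 11."""
    m = re.fullmatch(r"(?:(\d+)\.)?(\d+)\.(\d+)\.(\d+)", version.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {version!r}")
    return (int(m.group(1) or 11),) + tuple(int(g) for g in m.groups()[1:])

def status(version, product="cpanel"):
    """Classify one installed version against the advisory's fixed builds."""
    v = parse(version)
    fixed = [parse(f) for f in FIXED[product]]
    for f in fixed:
        if v[:3] == f[:3]:  # same release tier: compare the build number
            return "vulnerable" if v[3] < f[3] else "patched"
    # Tier not named in the advisory: never report it as patched.
    return "newer-than-listed" if v > max(fixed) else "unlisted-tier"

def audit(inventory):
    """inventory: iterable of (host, product, version); returns rows needing review."""
    return [(host, ver, s) for host, prod, ver in inventory
            if (s := status(ver, prod)) != "patched"]

if __name__ == "__main__":
    # Constructed inventory; host names are placeholders.
    sample = [("web01.example", "cpanel", "11.130.0.21"),
              ("web02.example", "cpanel", "11.130.0.22"),
              ("web03.example", "cpanel", "11.128.0.5"),
              ("wp01.example", "wp2", "11.136.1.10")]
    for row in audit(sample):
        print(*row)
```

A version on a tier the advisory does not list is reported as `unlisted-tier` rather than patched, because the advisory names no fixed build for it.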

Overview


Multiple vulnerabilities have been reported in cPanel & WHM, which could allow an attacker to read arbitrary files, execute arbitrary code, cause denial-of-service conditions, or escalate privileges on the targeted systems.


Target Audience:

Organizations and individuals using the affected cPanel & WHM-based hosting environments.


Risk Assessment:

High risk of privilege escalation, arbitrary code execution and arbitrary file read.


Impact Assessment:

Potential for reading sensitive system files, remote code execution and denial-of-service conditions.


Description


cPanel & WHM is a widely used web hosting control panel that provides administrative (WHM) and user-level (cPanel) interfaces for managing servers and websites.


Multiple vulnerabilities exist in cPanel and WHM due to improper input validation in the ‘LOADFEATUREFILE adminbincall’ feature, insufficient input validation of the ‘plugin’ parameter in the ‘create_user API’ and unsafe symlink handling that allows a user to change permissions on arbitrary files using chmod.


Successful exploitation of these vulnerabilities could allow an attacker to read arbitrary files, execute arbitrary code, cause denial-of-service conditions, or escalate privileges on the targeted systems.


Solution


Apply appropriate software updates as mentioned by the vendor:

https://support.cpanel.net/hc/en-us/articles/40311033698327-Security-CVE-2026-29201-cPanel-WHM-WP2-Security-Update-May-08-2026


https://support.cpanel.net/hc/en-us/articles/40311426610327-Security-CVE-2026-29202-cPanel-WHM-WP2-Security-Update-May-08-2026


https://support.cpanel.net/hc/en-us/articles/40311543760407-Security-CVE-2026-29203-cPanel-WHM-WP2-Security-Update-May-08-2026



Vendor Information


cPanel

https://support.cpanel.net/hc/en-us/articles/40311033698327-Security-CVE-2026-29201-cPanel-WHM-WP2-Security-Update-May-08-2026

https://support.cpanel.net/hc/en-us/articles/40311426610327-Security-CVE-2026-29202-cPanel-WHM-WP2-Security-Update-May-08-2026

https://support.cpanel.net/hc/en-us/articles/40311543760407-Security-CVE-2026-29203-cPanel-WHM-WP2-Security-Update-May-08-2026



CVE Name

CVE-2026-29201

CVE-2026-29202

CVE-2026-29203






Thanks and Regards,

CERT-In


Incident Response Help Desk

e-mail: incident@cert-in.org.in

Phone: +91-11-22902657

Toll Free Number: 1800-11-4949

Toll Free Fax : 1800-11-6969

Web: http://www.cert-in.org.in

PGP Fingerprint: A768 083E 4475 5725 B81A A379 2156 C0C0 B620 D0B4

PGP Key information:

https://www.cert-in.org.in/s2cMainServlet?pageid=CONTACTUS


Postal address:

Indian Computer Emergency Response Team (CERT-In)

Ministry of Electronics and Information Technology

Government of India

Electronics Niketan

6, C.G.O. Complex

New Delhi-110 003
