CVE-2026-29203

HIGH

cPanel 11.86.0.0-11.136.0.8 - Authenticated Local Privilege Escalation via Symlink Following

Title source: llm

Description

A chmod call in the cPanel Nova plugin's Cpanel::Nova::Connector follows symlinks, allowing setting root permissions on arbitrary system files or directories. That can cause DoS or local privilege escalation when an authenticated cPanel user places a symlink at a user-controlled legacy Nova path under their home directory.

References (1)

Core 1

Core References

https://support.cpanel.net/hc/en-us/articles/40311543760407-Security-CVE-2026-29203-cPanel-WHM-WP2-Security-Update-May-08-2026

Scores

CVSS v3 8.8

EPSS 0.0049

EPSS Percentile 38.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-61

Status published

Products (29)

WebPros/cPanel < 11.102.0.41

WebPros/cPanel < 11.110.0.116

WebPros/cPanel < 11.110.0.117

WebPros/cPanel < 11.118.0.66

WebPros/cPanel < 11.124.0.37

WebPros/cPanel < 11.126.0.58

WebPros/cPanel < 11.130.0.22

WebPros/cPanel < 11.132.0.31

WebPros/cPanel < 11.134.0.25

WebPros/cPanel < 11.136.0.9

... and 19 more

Published May 08, 2026

Tracked Since May 09, 2026