
Multiple cPanel Vulnerabilities Allow Access to Sensitive System Resources

Source: Cybersecurity News. Archived May 15, 2026.




By Abinaya, May 15, 2026

In a severe blow to web hosting environments worldwide, administrators are racing against the clock to patch a massive wave of security vulnerabilities affecting cPanel and WebHost Manager (WHM). Threat actors are currently eyeing newly disclosed flaws that grant unauthenticated access to sensitive system resources, potentially allowing complete server compromise. Recent security updates from cPanel address multiple high-severity flaws that pose a critical risk to shared hosting ecosystems.

The cPanel Vulnerabilities

The most alarming of the recently patched vulnerabilities carries a critical CVSS score of 9.8, alongside other serious bugs that open the door to denial-of-service (DoS) conditions and severe account abuse.

Among the specifically detailed threats is CVE-2026-29202, a severe issue with a CVSS score of 8.8 that stems from insufficient input validation of the “plugin” parameter during a “create_user” API call. If exploited, this allows an attacker to execute arbitrary Perl code with the system permissions of an already-authenticated account’s system user.

Another newly patched flaw, CVE-2026-29201, enables arbitrary file reads due to poor validation of feature file names, exposing underlying server configurations to unauthorized viewers.

The threat landscape for Linux-based hosting servers is further complicated by concurrent vulnerabilities in underlying infrastructure software. On May 7, 2026, researchers disclosed “Dirty Frag” (tracked as CVE-2026-43284 and CVE-2026-43500), a local privilege escalation flaw in the Linux kernel’s page cache. Discovered by independent researcher Hyunwoo Kim, this exploit shares similarities with the notorious 2022 Dirty Pipe bug and allows a low-level local user to obtain full root administrative control easily.

Additionally, email services bundled with many hosting servers face severe risks from the Exim vulnerability CVE-2026-40684. This medium-severity flaw allows attackers to crash connection instances by supplying malformed DNS data in PTR records, resulting in a denial-of-service condition on systems using musl libc.

System administrators running affected infrastructure must prioritize patching immediately to prevent server takeover. The cPanel updates resolve these critical paths to code execution and privilege escalation for multiple version branches, including systems running versions 11.136.0.8 and lower. Security teams should quickly update cPanel, WHM, and WP Squared installations to the newest available releases, while simultaneously auditing server access logs for unauthorized API calls or unusual local file reads that might indicate active exploitation.
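One way to start the access-log audit recommended above for “create_user” calls, as an added example that is not code from the article or from cPanel. It assumes combined-format log lines and treats a legitimate “plugin” value as a plain identifier; the request paths, the `func` parameter and the sample lines are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Assumption: the access log uses the common/combined log format.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)
# Assumption: a legitimate plugin name is a short plain identifier.
SAFE_PLUGIN = re.compile(r'^[A-Za-z0-9_]{1,64}$')

def audit_line(line):
    """Return a finding for a create_user request whose plugin value
    falls outside the allowlist, else None. Only parameters in the
    request line are visible; POST bodies are not in an access log."""
    m = LINE_RE.match(line)
    if not m:
        return None
    parts = urlsplit(m["target"])
    params = parse_qsl(parts.query, keep_blank_values=True)  # percent-decodes
    values = [v for _, v in params]
    if "create_user" not in parts.path.split("/") and "create_user" not in values:
        return None
    bad = [v for k, v in params if k == "plugin" and not SAFE_PLUGIN.match(v)]
    if not bad:
        return None
    return {"ip": m["ip"], "user": m["user"], "time": m["ts"],
            "status": int(m["status"]), "plugin": bad[0]}

def audit_log(lines):
    """Collect findings over an iterable of log lines."""
    return [f for f in map(audit_line, lines) if f]

# Constructed sample lines (documentation IP ranges, hypothetical paths).
SAMPLE_LOG = [
    '203.0.113.10 - alice [15/May/2026:10:01:02 +0000] '
    '"GET /execute/ExampleModule/create_user?plugin=Billing&name=bob HTTP/1.1" 200 512 "-" "-"',
    '203.0.113.44 - carol [15/May/2026:10:03:17 +0000] '
    '"GET /execute/ExampleModule/create_user?plugin=bad%7Bvalue%7D&name=x HTTP/1.1" 200 87 "-" "-"',
    '198.51.100.7 - - [15/May/2026:10:04:00 +0000] '
    '"GET /execute/ExampleModule/list_users HTTP/1.1" 200 300 "-" "-"',
    '203.0.113.44 - carol [15/May/2026:10:05:41 +0000] '
    '"GET /json-api/example?func=create_user&plugin=a%3A%3Ab HTTP/1.1" 403 0 "-" "-"',
]

if __name__ == "__main__":
    for finding in audit_log(SAMPLE_LOG):
        print(finding)
```

A finding with a 2xx status deserves a closer look than one the server rejected; either way the account and source address give a starting point for review.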