CVE-2026-29203

EPSS 0.04% · P13 Updated May 09, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2026-29203

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

A chmod call in the cPanel Nova plugin's Cpanel::Nova::Connector follows symlinks, allowing setting root permissions on arbitrary system files or directories. That can cause DoS or local privilege escalation when an authenticated cPanel user places a symlink at a user-controlled legacy Nova path under their home directory.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

CWE-61

Source: NVD (National Vulnerability Database)

Vulnerability Title

cPanel 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

cPanel是美国cPanel公司的一套基于Web的自动化主机托管平台。该平台主要用于自动化管理网站和服务器。 cPanel存在安全漏洞，该漏洞源于Cpanel::Nova::Connector中的chmod调用遵循符号链接，可能导致已认证的cPanel用户在其主目录下放置符号链接时设置任意系统文件或目录的root权限，造成拒绝服务或本地权限提升。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE
WebPros	cPanel	11.136.0.0 ~ 11.136.0.9	-
WebPros	cPanel (CentOS 6, CloudLinux 6)	11.110.0.0 ~ 11.110.114	-
WebPros	WP Squared	11.136.1.0 ~ 11.136.1.10	-

II. Public POCs for CVE-2026-29203

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2026-29203

请登录查看更多情报信息。

https://nvd.nist.gov/vuln/detail/CVE-2026-29203

Same Patch Batch · WebPros · 2026-05-08 · 3 CVEs total

CVE-2026-29202		cPanel 输入验证错误漏洞
CVE-2026-29201		cPanel 输入验证错误漏洞

IV. Related Vulnerabilities

Same product: cPanel

Same vendor: WebPros

Same weakness: CWE-61

V. Comments for CVE-2026-29203

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2026-29203

I. Basic Information for CVE-2026-29203

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2026-29203

III. Intelligence Information for CVE-2026-29203

Same Patch Batch · WebPros · 2026-05-08 · 3 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2026-29203

Leave a comment