cPanel’s Black Week: Understanding the Latest Security Patches and Vulnerabilities
cPanel has been under intense scrutiny lately, and for good reason. On May 8, 2026, the company released a second emergency security patch in just ten days, covering three new vulnerabilities: CVE-2026-29201, CVE-2026-29202, and CVE-2026-29203. Two of these vulnerabilities carry a CVSS score of 8.8, which puts them firmly in the High severity tier, one step below Critical.
What are the Three New Vulnerabilities?
The first vulnerability, CVE-2026-29201, is an arbitrary file read vulnerability with a CVSS score of 4.3. This means that an authenticated attacker can manipulate the feature file name parameter to read files on the hosting server they should not have access to.
The second vulnerability, CVE-2026-29202, is an arbitrary Perl code execution vulnerability with a CVSS score of 8.8. This means that an authenticated user can inject arbitrary Perl code through the create_user API, which could allow one tenant to run code that affects the entire machine on a shared hosting server.
The third vulnerability, CVE-2026-29203, is a privilege escalation vulnerability via unsafe symlink with a CVSS score of 8.8. This means that a user can modify access permissions of an arbitrary file using chmod, resulting in denial-of-service or possible privilege escalation.
How to Patch – Step by Step
To patch these vulnerabilities, follow these steps:
- Log in to your cPanel account and navigate to the Update Preferences page.
- Click on the “Update Now” button to apply the latest security patches.
- Verify that the patches have been successfully applied by checking the Update History page.
Should You Also Check for the Previous Compromise?
Yes, it’s essential to check for the previous compromise, especially if you haven’t already done so. The ransomware attack on 44,000 servers was a significant incident, and it’s crucial to ensure that your server is not affected.
The Broader Pattern
This is not the first time cPanel has faced security issues. In recent years, the company has faced several high-profile vulnerabilities, including the CVE-2020-25223 vulnerability, which allowed attackers to gain administrative access to cPanel accounts.
While cPanel has taken steps to address these vulnerabilities, the frequency and severity of these incidents raise concerns about the company’s security practices. As a user, it’s essential to stay informed and take proactive steps to protect your server and data.
Conclusion
In conclusion, the latest security patches from cPanel are a crucial step in protecting your server and data from potential vulnerabilities. By understanding the vulnerabilities and taking proactive steps to patch them, you can ensure the security and integrity of your online presence.
Remember to always stay informed about the latest security updates and best practices, and to take proactive steps to protect your server and data. For more information on cPanel security, visit the cPanel documentation page or check out the MIT Technology Review for the latest news and insights on technology and security.