{"vulnerability": "cve-2026-29201", "sightings": [{"uuid": "aad64d2f-02ca-40be-9db3-eb9361cfa8be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-29201", "type": "seen", "source": "https://infosec.exchange/users/decio/statuses/116539015130620185", "content": "Rien ne dit \u201cbon week-end\u201d comme trois CVE cPanel annonc\u00e9es un vendredi, avec les d\u00e9tails techniques livr\u00e9s pile au moment du patch -->c\u2019est-\u00e0-dire \u00e0 18h, l\u2019heure sacr\u00e9e de l\u2019ap\u00e9ro.\nSant\u00e9 aux admins qui vont lancer /scripts/upcp avec une main sur le clavier et l\u2019autre sur le verre. \ud83d\udc47**\"To help protect customers prior to patch availability, technical details about vulnerabilities will be released alongside the patches. Full technical details will be published on our support page at the same time the patch is released. The CVE IDs are CVE-2026-29201, CVE-2026-29202, and CVE-2026-29203. \nPatch & Affected Versions The patch will be available on May 08 at 12:00pm EST and will be distributed through the standard cPanel automatic update process and through the manual update process. We strongly recommend performing a manual update with /scripts/upcp once the patch is made available.\"**\ud83d\udc47 https://www.reddit.com/r/cpanel/comments/1t6wf5n/cpanel_whm_security_update_cve202629201/\n#CpanelVulnerability #cpanel #CyberVeille #vuln #infosec", "creation_timestamp": "2026-05-08T12:44:09.921261Z"}, {"uuid": "ac68d153-b781-4c3c-8f42-ad3469f72c21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-29201", "type": "seen", "source": "https://thehackernews.com/2026/05/cpanel-whm-patch-3-new-vulnerabilities.html", "content": "cPanel has released updates to address three vulnerabilities in cPanel and Web Host Manager (WHM) that could be exploited to achieve privilege escalation, code execution, and denial-of-service.\nThe list of vulnerabilities is as follows -\n\nCVE-2026-29201 (CVSS score: 4.3) - An insufficient input validation of the feature file name in the \"feature::LOADFEATUREFILE\" adminbin call that could result", "creation_timestamp": "2026-05-09T05:16:00.000000Z"}, {"uuid": "0dbd682b-6d14-4994-bbbe-af953c6f6ed1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-29201", "type": "seen", "source": "https://cyber.gc.ca/en/alerts-advisories/cpanel-security-advisory-av26-437", "content": "", "creation_timestamp": "2026-05-08T11:49:02.000000Z"}, {"uuid": "41f37002-9d94-4fc5-b4cb-9fb2758e02ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-29201", "type": "seen", "source": "https://infosec.exchange/users/decio/statuses/116544182422691954", "content": "Spoiler de l'\u00e9pisode de hier : cPanel a bien livr\u00e9 les d\u00e9tails techniques en m\u00eame temps que les patchs. Au menu de l'after :\n\u2022 CVE-2026-29201 : path traversal :8bitrainbow:  via feature::LOADFEATUREFILE \u2192 fichier arbitraire en world-readable\u2022 CVE-2026-29202 : injection Perl dans create_user (param\u00e8tre plugin)\u2022 CVE-2026-29203 : symlink mal g\u00e9r\u00e9 \u2192 chmod arbitraire \u2192 DoS + escalade de privil\u00e8ges\n/scripts/upcp et go apero!Bon courage aux admins de garde \ud83e\udee1\nhttps://docs.cpanel.net/changelogs/134-change-log/#134025\nhttps://vulnerability.circl.lu/vuln/CVE-2026-29203\n#CyberVeille #cpanel #CVE_2026_29203#CVE_2026_29202#CVE_2026_29201", "creation_timestamp": "2026-05-09T10:38:17.069005Z"}, {"uuid": "bc224517-8a2e-4e01-a48c-e03adfaf197e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-29201", "type": "seen", "source": "https://bsky.app/profile/technoholic.bsky.social/post/3mlgzzadeim2l", "content": "cPanel updates fix 3 vulnerabilities in cPanel & WHM, including privilege escalation & DoS. CVE-2026-29201 has a CVSS score of 4.3. Update now to stay secure!", "creation_timestamp": "2026-05-09T20:02:32.789309Z"}, {"uuid": "cd4167b3-c43e-460d-85c4-77c88512f9ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-29201", "type": "seen", "source": "https://bsky.app/profile/hn-frontpage-bot.bsky.social/post/3mlhlj7bx752u", "content": "cPanel released a second emergency security patch for three new high-severity vulnerabilities (CVE-2026-29201, CVE-2026-29202, CVE-2026-29203) on May 8, 2026, following a major ransomware attack. This indicates a deeper code audit after the previous compromise.", "creation_timestamp": "2026-05-10T01:15:42.352667Z"}, {"uuid": "89969d94-d3fd-4582-b1b1-2748cf891711", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-29201", "type": "seen", "source": "https://bsky.app/profile/openfactory.peering.social.ap.brid.gy/post/3mle5fdes5pb2", "content": "Unser t\u00e4glich CVE Emergency patch gib uns heute\n\nCVE-2026-29201, CVE-2026-29202, and CVE-2026-29203\n\nFun times.", "creation_timestamp": "2026-05-08T16:25:01.768344Z"}, {"uuid": "3ef53f68-cef1-4879-9a01-6bd7ec2a975c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-29201", "type": "seen", "source": "https://bsky.app/profile/thedailytechfeed.com/post/3mlizxrgkd32y", "content": "Critical vulnerabilities in cPanel & WHM (CVE-2026-29201, CVE-2026-29202, CVE-2026-29203) expose servers to RCE and DoS attacks. Admins must update immediately. #CyberSecurity #cPanel #WHM #Vulnerability Link: thedailytechfeed.com/critical-cpa...", "creation_timestamp": "2026-05-10T15:07:03.814198Z"}, {"uuid": "0bde6635-d7a8-4751-84a1-b75ee06f3412", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-29201", "type": "seen", "source": "https://bsky.app/profile/undercode.bsky.social/post/3mli2inlydw2y", "content": "Critical: Three New cPanel & WHM Vulnerabilities (CVEs 2026-29201/2/3) Threaten Code Execution and DoS \u2014 Patch Immediately +\u00a0Video\n\nIntroduction: Three newly disclosed critical security vulnerabilities in cPanel & WHM, tracked as CVE-2026-29201, CVE-2026-29202, and CVE-2026-29203, could allow\u2026", "creation_timestamp": "2026-05-10T05:43:50.404246Z"}, {"uuid": "b4b8c27e-e1ea-4651-90a4-507419d8f62d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-29201", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus-2026-13", "content": "", "creation_timestamp": "2026-05-08T04:00:00.000000Z"}, {"uuid": "219db91c-02d5-499b-90ba-b67b6c9dec0d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-29201", "type": "seen", "source": "https://bsky.app/profile/potato.software/post/3mlizyboth425", "content": "Critical vulnerabilities in cPanel & WHM (CVE-2026-29201, CVE-2026-29202, CVE-2026-29203) expose servers to RCE and DoS attacks. Admins must update immediately. #PotatoSecurity #cPanel #WHM #Vulnerability Link: thedailytechfeed.com/critical-cpa...", "creation_timestamp": "2026-05-10T15:07:19.748015Z"}, {"uuid": "31acdaa4-d9dc-42cd-aa3b-2d9de01d1736", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-29201", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3mlj6rgbnzch2", "content": "New cPanel vulnerabilities could allow file access and remote code execution cPanel fixed three flaws that could allow file reads, code execution, and privilege escalation. No active exploitation h...\n\n#Breaking #News #Security #cPanel #CVE-2026-29201 #CVE-2026-29202 #CVE-2026-29203 #Cybercrime [\u2026]", "creation_timestamp": "2026-05-10T16:33:03.184530Z"}, {"uuid": "d978685c-e91f-4161-99c1-5024075fada9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-29201", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mlka652tl522", "content": "Top 3 CVE for last 7 days:\nCVE-2026-31431: 141 interactions\nCVE-2026-43284: 122 interactions\nCVE-2026-43500: 84 interactions\n\n\nTop 3 CVE for yesterday:\nCVE-2026-42511: 56 interactions\nCVE-2024-13362: 4 interactions\nCVE-2026-29201: 3 interactions\n", "creation_timestamp": "2026-05-11T02:30:39.800228Z"}, {"uuid": "ebdba29d-7e64-44bf-9269-2cee9d088bb1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-29201", "type": "seen", "source": "https://bsky.app/profile/thedailytechfeed.com/post/3mlljuslwde2l", "content": "Critical vulnerabilities in cPanel & WHM (CVE-2026-29201, CVE-2026-29202, CVE-2026-29203) allow RCE and DoS attacks. Admins must update immediately to secure servers. #CyberSecurity #cPanel #WHM #Vulnerability Link: thedailytechfeed.com/critical-cpa...", "creation_timestamp": "2026-05-11T14:57:10.626925Z"}, {"uuid": "d00dece1-7f99-4373-91d4-a7cf621b68f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-29201", "type": "seen", "source": "Telegram/rB8l1QMwML3-L-md48SJtXfKVla--a2WVaiAK-n-V-b3cw", "content": "", "creation_timestamp": "2026-05-09T07:58:26.000000Z"}, {"uuid": "897b10f5-7e28-47a9-9fbd-e96400ad3ecc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-29201", "type": "seen", "source": "https://ccb.belgium.be/advisories/warning-multiple-vulnerabilities-cpanel-and-whm-leading-privilege-escalation-patch", "content": "", "creation_timestamp": "2026-05-12T01:21:19.000000Z"}]}