{"id":12747,"date":"2026-05-10T07:04:37","date_gmt":"2026-05-10T07:04:37","guid":{"rendered":"https:\/\/serisec.com\/index.php\/2026\/05\/10\/cpanel-whm-patch-3-new-vulnerabilities-html\/"},"modified":"2026-05-10T07:04:37","modified_gmt":"2026-05-10T07:04:37","slug":"cpanel-whm-patch-3-new-vulnerabilities-html","status":"publish","type":"post","link":"https:\/\/serisec.com\/index.php\/2026\/05\/10\/cpanel-whm-patch-3-new-vulnerabilities-html\/","title":{"rendered":"cPanel, WHM Release Fixes for Three New Vulnerabilities \u2014 Patch Now"},"content":{"rendered":"<p>    cPanel, WHM Release Fixes for Three New Vulnerabilities \u2014 Patch Now<br \/>\n \t<BR><br \/>\n<BR><\/BR><br \/>\n    <!-- no image --><br \/>\n \t<BR><br \/>\n<BR><\/BR><\/p>\n<div>cPanel has released updates to address three vulnerabilities in cPanel and Web Host Manager (WHM) that could be exploited to achieve privilege escalation, code execution, and denial-of-service.<br \/>\nThe list of vulnerabilities is as follows &#8211;<\/p>\n<p>CVE-2026-29201 (CVSS score: 4.3) &#8211; An insufficient input validation of the feature file name in the &#8220;feature::LOADFEATUREFILE&#8221; adminbin call that could result<\/p><\/div>\n<p> \t<BR><br \/>\n <BR><\/BR><\/p>\n<p> \t<BR><br \/>\n<BR><\/BR><br \/>\n<a href=\"https:\/\/thehackernews.com\/2026\/05\/cpanel-whm-patch-3-new-vulnerabilities.html\">Go to TheHackersNews<\/a><br \/>\n \t<BR><br \/>\n <BR><\/BR><\/p>\n","protected":false},"excerpt":{"rendered":"<p>cPanel, WHM Release Fixes for Three New Vulnerabilities \u2014 Patch Now cPanel has released updates to address three vulnerabilities in cPanel and Web Host Manager (WHM) that could be exploited to achieve privilege escalation, code execution, and denial-of-service. The list of vulnerabilities is as follows &#8211; CVE-2026-29201 (CVSS score: 4.3) &#8211; An insufficient input validation [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[60],"tags":[76],"class_list":["post-12747","post","type-post","status-publish","format-standard","hentry","category-thehackersnews","tag-thehackersnews"],"_links":{"self":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/12747"}],"collection":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/comments?post=12747"}],"version-history":[{"count":0,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/12747\/revisions"}],"wp:attachment":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/media?parent=12747"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/categories?post=12747"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/tags?post=12747"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}