Known Vulnerabilities for CPanel by WebPros
Listed below are 6 of the newest known vulnerabilities associated with "CPanel" by "WebPros".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-48172 json | LiteSpeed User-End cPanel Plugin before 2.4.5 allows privilege escalation (possibly to root), as exploited in the wild in May... | Not Provided | 2026-05-21 | 2026-05-26 |
| CVE-2026-41940 json | cPanel and WHM versions after 11.40 contain an authentication bypass vulnerability in the login flow that allows unauthentica... | Not Provided | 2026-04-29 | 2026-05-04 |
| CVE-2026-29203 json | A chmod call in the cPanel Nova plugin's Cpanel::Nova::Connector follows symlinks, allowing setting root permissions on arbit... | Not Provided | 2026-05-08 | 2026-05-15 |
| CVE-2026-9516 json | Cpanel::JSON::XS versions before 4.41 for Perl allow denial of service via UTF-8 BOM prefixed input when a decode filter call... | Not Provided | 2026-06-03 | 2026-06-03 |
| CVE-2026-9334 json | Cpanel::JSON::XS versions before 4.41 for Perl allow type confusion via duplicate object keys when dupkeys_as_arrayref is ena... | Not Provided | 2026-06-03 | 2026-06-03 |
| CVE-2025-22690 json | Cross-Site Request Forgery (CSRF) vulnerability in DigiTimber DigiTimber cPanel Integration digitimber-cpanel-integration all... | Not Provided | 2025-02-03 | 2026-04-23 |