⚠️ Critical Privilege Escalation Vulnerability
A vulnerability identified as CVE-2026-32991 affects Team User permissions in cPanel & WHM versions 110 and higher.
🔍 Vulnerability Overview
cPanel discovered that a low-privilege Team User using the default role configuration could escalate privileges through specific UAPI modules.
This flaw could allow a restricted Team User account to gain capabilities belonging to the primary account owner.
The vulnerability specifically impacts environments utilizing cPanel Team Users with delegated access permissions.
🚨 Potential Impact
- Privilege escalation from Team User accounts
- Unauthorized access to account owner capabilities
- Potential account takeover scenarios
- Unauthorized service modifications
- Security boundary bypass using UAPI modules
📌 Affected Versions
cPanel & WHM 110 and higher
✅ Patched cPanel Versions
11.110.0.118
(cl6110)
(cl6110)
11.110.0.119+
11.118.0.67+
11.124.0.38+
11.126.0.59+
11.130.0.23+
11.132.0.32+
11.134.0.26+
11.136.0.10+
WP Squared patched version:
11.136.1.12 and higher
11.136.1.12 and higher
CentOS 6 / CloudLinux 6 Users:
Set the upgrade tier using:
Set the upgrade tier using:
sed -i "s/CPANEL=.*/CPANEL=cl6110/g" /etc/cpupdate.conf
🛠️ How to Update cPanel
Run the following command as root:
/scripts/upcp --force
Verify the installed version after updating:
/usr/local/cpanel/cpanel -V
🔒 Additional Security Fixes Included
CVE-2026-29205
CVE-2026-29206
CVE-2026-32992
CVE-2026-32993
🔒 Security Recommendation
If your environment uses Team Users, immediately update all cPanel servers and review Team User roles and permissions for unnecessary access.
⚠️ Final Security Warning:
Servers running outdated cPanel versions remain vulnerable to Team User privilege escalation and potential unauthorized account access.
Servers running outdated cPanel versions remain vulnerable to Team User privilege escalation and potential unauthorized account access.