CVE-2026-32991
Severity Score
7.1
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
Track
*SSVC
Descriptions
Improper authorization checks of team members privileges allow a team member to escalate privileges to the team owner account.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:Track
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2026-03-17 CVE Reserved
- 2026-05-13 CVE Published
- 2026-05-14 CVE Updated
- 2026-05-14 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-863: Incorrect Authorization
CAPEC
References (1)
| URL | Tag | Source |
|---|---|---|
| https://support.cpanel.net/hc/en-us/articles/40437254183959-Security-CVE-2026-32991-cPanel-WHM-WP2-Security-Update-May-13-2026 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| WebPros Search vendor "WebPros" | CPanel Search vendor "WebPros" for product "CPanel" | >= 11.136.0.0 < 11.136.0.10 Search vendor "WebPros" for product "CPanel" and version " >= 11.136.0.0 < 11.136.0.10" | en |
Affected
| ||||||
| WebPros Search vendor "WebPros" | CPanel Search vendor "WebPros" for product "CPanel" | >= 11.134.0.0 < 11.134.0.26 Search vendor "WebPros" for product "CPanel" and version " >= 11.134.0.0 < 11.134.0.26" | en |
Affected
| ||||||
| WebPros Search vendor "WebPros" | CPanel Search vendor "WebPros" for product "CPanel" | >= 11.132.0.0 < 11.132.0.32 Search vendor "WebPros" for product "CPanel" and version " >= 11.132.0.0 < 11.132.0.32" | en |
Affected
| ||||||
| WebPros Search vendor "WebPros" | CPanel Search vendor "WebPros" for product "CPanel" | >= 11.130.0.0 < 11.130.0.23 Search vendor "WebPros" for product "CPanel" and version " >= 11.130.0.0 < 11.130.0.23" | en |
Affected
| ||||||
| WebPros Search vendor "WebPros" | CPanel Search vendor "WebPros" for product "CPanel" | >= 11.126.0.0 < 11.126.0.59 Search vendor "WebPros" for product "CPanel" and version " >= 11.126.0.0 < 11.126.0.59" | en |
Affected
| ||||||
| WebPros Search vendor "WebPros" | CPanel Search vendor "WebPros" for product "CPanel" | >= 11.124.0.0 < 11.124.0.38 Search vendor "WebPros" for product "CPanel" and version " >= 11.124.0.0 < 11.124.0.38" | en |
Affected
| ||||||
| WebPros Search vendor "WebPros" | CPanel Search vendor "WebPros" for product "CPanel" | >= 11.118.0.0 < 11.118.0.67 Search vendor "WebPros" for product "CPanel" and version " >= 11.118.0.0 < 11.118.0.67" | en |
Affected
| ||||||
| WebPros Search vendor "WebPros" | CPanel Search vendor "WebPros" for product "CPanel" | >= 11.110.0.0 < 11.110.0.119 Search vendor "WebPros" for product "CPanel" and version " >= 11.110.0.0 < 11.110.0.119" | en |
Affected
| ||||||
| WebPros Search vendor "WebPros" | WP Squared Search vendor "WebPros" for product "WP Squared" | >= 11.136.1.0 < 11.136.1.12 Search vendor "WebPros" for product "WP Squared" and version " >= 11.136.1.0 < 11.136.1.12" | en |
Affected
| ||||||
| WebPros Search vendor "WebPros" | CPanel (CloudLinux 6, CentOS 6) Search vendor "WebPros" for product "CPanel (CloudLinux 6, CentOS 6)" | >= 11.110.0.0 < 11.110.0.118 Search vendor "WebPros" for product "CPanel (CloudLinux 6, CentOS 6)" and version " >= 11.110.0.0 < 11.110.0.118" | en |
Affected
| ||||||