1. CVE-2026-29203: cPanel Nova Plugin Symlink Flaw Enables Root Privilege Escalation
A high-severity vulnerability tracked as CVE-2026-29203 (CVSS 8.8) has been disclosed in cPanel's Nova plugin, exposing a symlink-following flaw that could allow authenticated users to manipulate root-level permissions on arbitrary system files. The vulnerability resides in the Cpanel::Nova::Connector component, where ...