CVE-2026-29206

HIGH NVD

CVSS Score 8.1

Severity HIGH

Published May 13, 2026

Vendor unknown

Description

Insufficient sanitization of SQL queries in the `sqloptimizer` utility script allows SQL Injections on behalf of the root user if Slow Query logging is enabled.

References

https://support.cpanel.net/hc/en-us/articles/40437213099159-Security-CVE-2026-29206-cPanel-WHM-WP2-Security-Update-May-13-2026