cPanel has launched security updates to deal with a security concern impacting numerous authentication paths that might permit an attacker to acquire entry to the management panel software program.
The issue impacts all at present supported variations, in response to an alert launched by cPanel on Tuesday. The difficulty has been addressed within the following variations –
- 11.110.0.97
- 11.118.0.63
- 11.126.0.54
- 11.132.0.29
- 11.136.0.5
- 11.134.0.20
“In case your server just isn’t working a supported model of cPanel that’s eligible for this replace, it’s extremely advisable that you just work towards updating your server as quickly as attainable, as it could even be affected,” cPanel famous.
Whereas cPanel didn’t share any particulars concerning the vulnerability, internet hosting and area registration firm Namecheap disclosed that it “pertains to an authentication login exploit that might permit unauthorized entry to the management panel.”
As a precautionary measure, the corporate has utilized a firewall rule to dam entry to TCP ports 2083 and 2087, a transfer it mentioned will briefly limit buyer entry to their cPanel and WHM interfaces till a full patch is utilized.
“Our group is actively monitoring the state of affairs and can apply the official patch throughout all supported servers as quickly because it turns into accessible,” Namecheap famous. “Entry to your management panels will probably be restored instantly as soon as the patch has been efficiently deployed.”
As of April 29, 2026, 02:42 a.m. UTC, the repair has been utilized to Reseller, Stellar Enterprise servers, and the remainder, in response to the Namecheap Assist Group.
