cPanel has announced the release of critical security patches to resolve an authentication vulnerability that could potentially allow unauthorized access to their control panel software. This issue affects all active versions, prompting administrators to update their servers promptly.
Affected Versions and Urgent Recommendations
According to cPanel’s official alert, the vulnerability impacts all versions currently in use. The security updates are specifically available for versions 11.110.0.97, 11.118.0.63, 11.126.0.54, 11.132.0.29, 11.136.0.5, and 11.134.0.20. Administrators running unsupported versions are strongly advised to upgrade their systems to receive the patch.
cPanel has not disclosed detailed technical information about the vulnerability. However, it has stressed the critical nature of updating servers to mitigate potential risks. Web hosting provider Namecheap has confirmed that the issue involves an authentication login exploit, potentially granting unauthorized access to the control panel.
Preventive Measures and Ongoing Monitoring
In response to the threat, Namecheap has implemented a temporary firewall rule to block access to TCP ports 2083 and 2087. This measure is intended to limit customer access to cPanel and WHM interfaces, reducing the risk of exploitation until a comprehensive fix is deployed.
Namecheap has assured its customers that it is closely monitoring the situation and plans to apply the official patch to all supported servers immediately upon availability. The company has committed to restoring full access to control panels as soon as the update is implemented.
Current Status and Next Steps
As of April 29, 2026, at 02:42 a.m. UTC, the patch has been successfully applied to Reseller and Stellar Business servers, among others, as reported by the Namecheap Support Team. Administrators are urged to ensure their servers are updated to prevent any potential unauthorized access.
Moving forward, it is crucial for server administrators to remain vigilant and apply security updates as they are released. Keeping software up-to-date is a fundamental practice in safeguarding systems against emerging vulnerabilities and ensuring the security of web hosting environments.
