Latest Cyber Security News

You are here: Home / General Cyber Security News / Critical cPanel Authentication Vulnerability Identified — Update Your Server Immediately
April 29, 2026

cPanel has released security updates to address a security issue impacting various authentication paths that could allow an attacker to obtain access to the control panel software.

The problem affects all currently supported versions, according to an alert released by cPanel on Tuesday. The issue has been addressed in the following versions –

  • 11.110.0.97
  • 11.118.0.63
  • 11.126.0.54
  • 11.132.0.29
  • 11.136.0.5
  • 11.134.0.20

Cybersecurity

✔ Approved From Our Partners
AOMEI Backupper Lifetime

Protect and backup your data using AOMEI Backupper. AOMEI Backupper takes secure and encrypted backups from your Windows, hard drives or partitions. With AOMEI Backupper you will never be worried about loosing your data anymore.

Get AOMEI Backupper with 72% discount from an authorized distrinutor of AOMEI: SerialCart® (Limited Offer).

➤ Activate Your Coupon Code


“If your server is not running a supported version of cPanel that is eligible for this update, it is highly recommended that you work toward updating your server as soon as possible, as it may also be affected,” cPanel noted.

While cPanel did not share any details about the vulnerability, web hosting and domain registration company Namecheap disclosed that it “relates to an authentication login exploit that could allow unauthorized access to the control panel.”

As a precautionary measure, the company has applied a firewall rule to block access to TCP ports 2083 and 2087, a move it said will temporarily restrict customer access to their cPanel and WHM interfaces until a full patch is applied.

“Our team is actively monitoring the situation and will apply the official patch across all supported servers as soon as it becomes available,” Namecheap noted. “Access to your control panels will be restored immediately once the patch has been successfully deployed.”

As of April 29, 2026, 02:42 a.m. UTC, the fix has been applied to Reseller, Stellar Business servers, and the rest, according to the Namecheap Support Team.

Found this article interesting? Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post.


Some parts of this article are sourced from:
thehackernews.com

Reader Interactions

Leave a Reply

Your email address will not be published. Required fields are marked *