- cPanel has issued urgent security updates to fix a critical authentication vulnerability.
- All currently supported versions of the web hosting control panel software are affected.
- Hosting provider Namecheap blocked ports to prevent exploits while patches are deployed.
- The flaw could allow attackers unauthorized access to the control panel interface.
cPanel released critical security updates on Tuesday, April 29, 2026, to patch a flaw that could let attackers breach its web hosting control panel software. The vulnerability impacts all currently supported versions of the platform.
According to an alert from cPanel, the issue has been resolved in specific versions like 11.110.0.97 and 11.118.0.63. Consequently, servers on unsupported versions remain at significant risk.
Meanwhile, Namecheap disclosed that the bug “relates to an authentication login exploit that could allow unauthorized access to the control panel.” The company took drastic action to protect its customers.
As a precaution, Namecheap applied firewall rules blocking TCP ports 2083 and 2087. This move temporarily restricted client access to cPanel and WHM interfaces.
The hosting provider stated its team is actively monitoring the situation for an official patch. Access will be restored immediately once the fix is successfully deployed across servers.
By early April 29, 2026, UTC, the fix had been applied to Reseller and Stellar Business servers. Patches for remaining systems were being rolled out promptly.
✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.
