cPanel Zero Day - Restricted control panel access precaution

Resolved·Degraded performance

cPanel has issued an official fix which apparently resolves the issue.
We have applied the patches suggested and restored control panel access.
We have also reset any logged-in sessions to err on the side of caution.

Wed, Apr 29, 2026, 09:09 AM

(2 weeks ago)

·

Affected components

Apr 28, 2026, 08:43 PM

Apr 29, 2026, 09:09 AM

Updates

Resolved

cPanel has issued an official fix which apparently resolves the issue.
We have applied the patches suggested and restored control panel access.
We have also reset any logged-in sessions to err on the side of caution.

Wed, Apr 29, 2026, 09:09 AM

Monitoring

We have taken steps to limit access - as far as we can see, no compromise has taken place.
We will await cPanel's official update and fix to restore access to affected areas such as control panels and WHM.

Tue, Apr 28, 2026, 09:01 PM(12 hours earlier)

Identified

A cPanel Zero day authentication exploit has been found - out of an abundance of caution while cPanel work on a fix, we have taken action to protect systems from unauthenticated access to the affected area of the control panel.
This is an issue with cPanel itself, and not an issue with hosting or your websites.
This is tracked by cPanel themselves here: https://support.cpanel.net/hc/en-us/articles/40073787579671-Critical-Vulnerability-with-cPanel-WHM-Login-Authentication

Tue, Apr 28, 2026, 08:43 PM(18 minutes earlier)