CPANEL has released security updates to address a vulnerability affecting various authentication paths that could allow unauthorized access to the control panel, according to an alert from cPanel. The issue affects all currently supported versions, and fixes are included in the following versions: 11.110.0[.]97, 11.118.0[.]63, 11.126.0[.]54, 11.132.0[.]29, 11.136.0[.]5 and 11.134.0[.]20.
If a server is not running a supported version eligible for the update, administrators are urged to update as soon as possible, as it may be affected. Namecheap disclosed that the vulnerability relates to an authentication login exploit and has implemented a firewall rule to block access to TCP ports 2083 and 2087, temporarily restricting access to cPanel and WHM interfaces until a full patch is applied. As of 02:42 a.m.
UTC on 29 April 2026, the Namecheap Support Team reported that the fix has been applied to Reseller, Stellar Business servers, and the remainder. according to Namecheap.