The past several weeks have brought a whirlwind of new security vulnerabilities, many of them critical in nature. While we’ve been posting updates to the notification section within our portal, we wanted to begin posting these here given how frequent they’re likely to continue given recent AI developments. If you would like to stay up-to-date on these, you can subscribe to our blog to receive email notifications for any updates. For the most part, though, these have little impact to clients other than an occasional server reboot to get updates fully applied.

cPanel / WHM Authentication Bypass Vulnerability (CVE-2026-41940)

This recent wave was kicked off by the most severe of the vulnerabilities thus far, an authentication bypass vulnerability within cPanel / WHM  scoring a 9.8 out of 10.

Our advanced and extensive monitoring of all servers that we manage helped us to detect and address this well before this vulnerability was public. We first encountered this in the wild on April 8 and confirmed its presence on April 20. We immediately reported this to cPanel and disabled public WHM access to our servers at that time.

cPanel finally released updates to address this vulnerability nine days later, on April 29. We installed these updates as quickly as we could and lifted the WHM access restrictions. Afterwards, it only took a few hours of this being public before we began seeing extensive attempts to exploit this vulnerability. This highlights the necessity in patching these vulnerabilities quickly. Continue reading →