A critical cPanel vulnerability was publicly disclosed today CVE-2026-41940, affecting all currently supported versions of cPanel and WHM. This resulted in many hosting providers needing to temporarily disable cPanel and WHM access, resulting in cPanel being down.
The flaw targets the login authentication process and could allow unauthorized access to server control panels if left exposed. There is no patch available yet — cPanel is actively developing one. In the meantime, we’ve implemented the security measures recommended by cPanel to protect every server we manage. If you’ve tried to access cPanel or WHM today and found it unavailable, that’s intentional. Your websites, email, and applications are not affected in any way. If you have questions, contact us directly and we’ll help.
Update – April 29, 2026 2PM: The patch has been applied to all eligible servers and cPanel / WHM services access has been restored.
Update – April 28, 2026 8PM: cPanel has released a patch for this vulnerability and we are actively deploying it across all eligible servers. Once installation is complete on your server, cPanel and WHM access will be restored automatically. No action is required on your part. For any servers that are using much older versions of cPanel and this patch is not compatible, our team is working on options for your servers.
What the Vulnerability Is
cPanel published an advisory today identifying a critical security flaw in the login authentication system used by cPanel and WHM – the control panel interfaces that hosting clients and server administrators use to manage websites, email accounts, databases, and server settings.
The vulnerability affects all currently supported versions of cPanel. cPanel has confirmed that a patch is in development for all supported versions. Until that patch is released and deployed, the only effective mitigation is to block the network ports cPanel and WHM use to accept connections.
You can read cPanel’s official advisory here: Critical Vulnerability with cPanel & WHM Login Authentication
How We Responded to the cPanel Authentication Vulnerability
When the advisory was published, we acted immediately. Access to cPanel and WHM has been temporarily restricted by blocking the following ports at the network level:
- Port 2082 – cPanel (HTTP)
- Port 2083 – cPanel (HTTPS)
- Port 2086 – WHM (HTTP)
- Port 2087 – WHM (HTTPS)
- Port 2096 / 2097 – Webmail
- Port 2077 / 2078 – WebDisk
This is the mitigation cPanel themselves recommend, and it is currently the most effective way to prevent unauthorized access while a permanent fix is finalized.
What This Means for Your Website
Restricting cPanel and WHM access has no impact on your hosted websites, applications, email, or any other services running on your server. Everything continues to operate normally.
The only thing affected is the ability to log into the cPanel, WHM, webmail or WebDisk interfaces directly. If you need a change made to your hosting account – adding an email address, updating DNS records, or anything else normally handled through the control panel – contact us and we’ll take care of it until access is restored.
When Will Access Be Restored?
Access will be restored as soon as cPanel releases a verified patch and we’ve deployed it across our servers. We are actively monitoring cPanel’s official communications and will move quickly once a fix is available.
We won’t restore access before a patch is in place. The exposure this vulnerability creates is not worth the convenience of early access.
UPDATE: cPanel has released a patch to address the authentication vulnerability that was identified today. Our engineers are currently working on deploying this patch across eligible cPanel services.
How TPP Web Solutions Handles Security
When a critical security vulnerability surfaces, there’s a decision to make: wait and see, or act immediately. We act immediately.
An authentication flaw in a widely-used control panel is not a theoretical risk. It’s the kind of exposure that gets targeted quickly once it becomes public knowledge. Restricting access the moment the advisory went out is the right call – even if it creates a temporary inconvenience.
At TPP Web Solutions, we monitor security advisories from the software vendors that power the servers we manage. When something serious surfaces, we don’t wait for clients to ask – we respond first and explain why.
If you’re currently evaluating hosting providers and want to know how they handle situations like this cPanel vulnerability 2026, that’s exactly the right question to ask. We’re happy to talk through our approach.
Have a Question About Your Hosting?
Reach out to us directly. If you need something changed in your hosting account while cPanel access is restricted, or if you want to understand what this means for your specific setup, we’ll get back to you promptly.
Leave a Reply
You must be logged in to post a comment.