Issue:
cPanel have today released details of a zero day cPanel vulnerability that allows authentication bypass to servers and hosting accounts. We are in the process of deploying emergency updates to all servers to patch this, therefore some services may be briefly affected whilst the updates are applied.
Please note, cPanel and WHM access is blocked until the updates are complete
Update:
We can confirm that all servers have been patched against this vulnerability. We have also undertaken a detailed security audit of all servers to identify any activity that may have been linked to this. Thankfully, due to our security hardening in place on our servers, the automated attacks were not able to do any damage to servers or accounts.
We will continue to investigate this in the background and are adding further security measures to prevent any future such issues and will be speaking to cPanel about this.
Thursday, April 30, 2026
