Security Advisory: Immediate cPanel Update Recommended for VPS & Dedicated Servers

Update May 08, 2026

Dear Customers,

cPanel has released additional security patches and recommendations to further strengthen protection against recently disclosed vulnerabilities. Applying these updates at the earliest is recommended to help safeguard your server environment and avoid potential service impact.

Customers using VPS and Dedicated Servers are strongly advised to ensure the following components are updated to the latest supported versions.

Please refer to the official advisories below for more details

• cPanel & WHM cPanel Security Update – May 08 2026
• EasyApache packages Security Advisory – CVE-2026-23918
• Operating System Kernel Linux Kernel Advisory – CVE-2026-31431

For most customers, the patches have already been applied or are being rolled out automatically; however, customers using custom SSH ports or self-managed servers are advised to perform the recommended updates from their end.

We recommend performing these updates as soon as possible as a precautionary security measure. Thank you for your continued cooperation and understanding.

Update May 04, 2026

Dear Customers,

We recognize the importance of your services and acknowledge the inconvenience this situation may be causing.

As previously communicated (reference: https://pulse.crazydomains.com/announcement/197), this matter relates to a recently disclosed security vulnerability affecting cPanel & WHM login, a widely used third-party control panel. Following this disclosure, we promptly implemented precautionary measures across relevant systems.

Our teams are actively assessing the situation and working to restore services in a controlled and secure manner. Given the nature of the vulnerability, access to certain services (Server/WHM/cPanel) has been temporarily restricted as a precaution to safeguard data and mitigate potential risks.

We will continue to monitor developments and provide updates as appropriate. We appreciate your patience and understanding.

Dear Customers,

A critical security vulnerability affecting cPanel & WHM login authentication has recently been identified by the vendor. This issue impacts all currently supported versions of cPanel and may expose servers to unauthorized access if left unpatched.

The good news is that cPanel has now released the official security patch for supported versions. We strongly recommend that all customers using VPS and Dedicated Servers; update to the latest cPanel version at the earliest to avoid any potential impact from this vulnerability.

Action Required: Please update cPanel to the latest version via WHM or from the server using the standard update process.

For guidance, please refer to the official documentation: https://docs.cpanel.net/whm/cpanel/upgrade-to-latest-version/

Important Notes

• No known service impact has been reported at this time.
• Servers with auto-updates enabled may already receive the patch automatically.
• Customers running older / unsupported cPanel versions are strongly advised to upgrade to a supported build immediately, as the vulnerability may also affect those versions.

We recommend applying this update as soon as possible as a precautionary security measure.