Urgent cPanel Security Alert: Authentication Vulnerability Explained

Critical cPanel Security Update (CVE-2026-41940)

A critical authentication vulnerability has been identified in cPanel & WHM, affecting all supported versions. This issue may allow unauthorized access through certain authentication paths if not patched.

Important: This vulnerability affects all supported versions. Immediate update is required.

What Is the Issue?

The vulnerability impacts authentication mechanisms and may allow bypassing login protections. If exploited, attackers could gain access to hosting accounts and server resources.

  • Unauthorized access to cPanel and WHM
  • Exposure of sensitive data
  • Potential full server compromise

Who Is Affected?

All currently supported versions of cPanel are affected until updated with the latest patch.

What Should You Do?

cPanel has released patched builds. You must update your server so that your version matches one of the following: 

11.110.0.97
11.118.0.63
11.126.0.54
11.130.0.18
11.132.0.29
11.134.0.20
11.136.0.5
WP Squared 11.136.1.7

Run the following command to update your server and retrieve the patched version: 

/scripts/upcp --force

After updating, verify your installed version: 

/usr/local/cpanel/cpanel -V

If your version matches one of the builds listed above, your system is patched and secure.

It is recommended to restart the cPanel service after updating: 

/scripts/restartsrv_cpsrvd
Warning: If your server is running an unsupported version of cPanel, it will not receive this patch. You should upgrade to a supported version as soon as possible.

Are SharedLicense Users Safe?

Yes. All systems at SharedLicense have already been updated and secured with the latest patches.

  • All servers are fully patched
  • No action is required from clients
  • Services remain secure and stable

Why This Matters

Security vulnerabilities like this highlight the importance of keeping your server updated and using reliable providers.

  • Prevents unauthorized access
  • Protects customer data
  • Avoids downtime and service disruption
  • Maintains trust and reliability

Get a Secure cPanel License

Using a trusted license ensures you always receive critical updates without delay.

Buy cPanel License

Final Thoughts

This is a critical vulnerability and should not be ignored. Updating your server immediately is essential to maintain security and prevent potential compromise.

If you are using SharedLicense, your services are already protected with the latest updates.

case studies

See More Case Studies