cPanel & WHM Security Vulnerability – Temporary Access Restrictions – April 28, 2026 DerrellPosted on April 28, 2026, Updated on May 12, 2026 2 Minute Read cPanel has disclosed a critical authentication vulnerability affecting all currently supported versions of cPanel & WHM. This is an industry-wide issue, and we are taking immediate action to protect your environment while patches are released and verified. For full details from cPanel, see their official advisory: cPanel & WHM Security Update 04/28/2026. Resolution Update (April 29, 2026): cPanel has released patches addressing this vulnerability. Our team has applied the updates across affected servers and restored normal cPanel and WHM access. The patched cPanel & WHM versions are: 11.86.0.41 11.110.0.97 11.118.0.63 11.126.0.54 11.130.0.19 11.132.0.29 11.134.0.20 11.136.0.5 Dedicated and VPS server customers: If you manage your own cPanel updates, run the following command to retrieve the patched version: /scripts/upcp --force/scripts/upcp --force You can confirm you are on a patched version with: /usr/local/cpanel/cpanel -V/usr/local/cpanel/cpanel -V As long as the output matches one of the versions listed above, your system has been patched. Warning: If your server is not running a supported version of cPanel eligible for this update, it is highly recommended that you update your server as soon as possible, as it may also be affected. What We Did To reduce exposure, we temporarily closed the ports used for cPanel and WHM access on affected servers. They remained closed until cPanel released patches, our team applied them, and we validated that the fix was working as intended. What This Means for You Your websites, applications, databases, and email continue to operate normally. Direct cPanel and WHM logins may be temporarily unavailable. Your Account Management Panel (AMP) login is not affected. Questions? Your security and the integrity of your service are our top priority. For live updates, visit status.inmotionhosting.com. If you have questions, reach out to our Technical Support team anytime. Thank you for your patience and trust while we work to restore normal access. Share this Article Derrell Willis Manager, Developer Relations More Articles by Derrell Related Articles cPanel Security Patch Coming May 13, 2026: Five CVEs Up to High Severity WHMCS Security Advisory: CVE-2026-29204 Requires Immediate Update cPanel Security Update Patch – May 8, 2026 cPanel & WHM Security Vulnerability – Temporary Access Restrictions – April 28, 2026 CVE-2026-41940: Full Technical Details and InMotion’s Response cPanel Security Update: What You Need to Know Node.js 26 Released: What’s New Human Support, Better Tools, and Our Promise to You How InMotion Hosting Solved MySQL Memory Leaks at Scale with TCMalloc Premium Website Builder Reaches End-of-Life
