Posted: May 13, 2026
Start: 10:00 AM PST, May 13, 2026
Affected: All managed cPanel & WHM servers
cPanel has disclosed five security vulnerabilities rated up to High severity (CVE-2026-29205, CVE-2026-29206, CVE-2026-32991, CVE-2026-32992, CVE-2026-32993) with patches releasing today at 1:00 PM EST / 10:00 AM PST.
Affected versions: 86, 94, 102, 110, 110 CL6, 118, 124, 126, 130, 132, 134, 136, 136 (WP2)
Beginning at 10:00 AM PST, we will begin rolling out these patches across all servers under our management. Updates will be applied progressively rather than all at once.
Expected impact: Individual servers may experience a brief service interruption of under 5 minutes during their respective patch window. Services will resume automatically.
Managed clients (including Elastic Hosting and Reseller Hosting): No action required. Patches will be applied automatically.
Unmanaged clients running cPanel & WHM: Please ensure you patch your servers as soon as the update is available. We strongly recommend performing a manual update once the patch is made available.
We will update this post as the rollout progresses and post a final confirmation once all servers have been patched.
