Temporary Network Restrictions - Emergent cPanel Threat Friday 8th May 2026 10:44:00

We have been notified of additional emergent threats associated with cPanel. (CVE-2026-29201 CVE-2026-29202 CVE-2026-29203)

Whilst minimal details have been released about the precise nature of these vulnerabilities, we have temporarily restricted access to the following cPanel ports as a precautionary measure.

2077,2078 (WebDAV and WebDAV SSL)
2079,2080 (CalDAV and CalDAV SSL)
2082,2083 (cPanel)
2086,2087 (WHM)
2095,2096 (Webmail)

cPanel are expected to release an emergency update later today. (8th May 2026)

Once we are confident customers are adequately protected we will remove these temporary network restrictions.

Thank you for your patience.

Temporary network restrictions have now been removed and customers should be able to access cPanel/WHM as normal.

Posted 1 month ago by nick

An update has now been released and we are pro-actively updating cPanel servers across the environment. Due to the number of servers involved, this will take several hours.

To protect customers with self-managed deployments, network restrictions will remain in-place overnight to allow those servers to update as part of the standard nightly cPanel autoupdate process.

Posted 1 month ago by nick