Ugggh this one is going to suck.

mttaggart@infosec.exchange

Ugggh this one is going to suck. cPanel is everywhere and most are not patched frequently.

https://www.bleepingcomputer.com/news/security/cpanel-whm-emergency-update-fixes-critical-auth-bypass-bug

dec23k@mastodon.ie

@mttaggart
Before the patches were released, the recommended emergency fix was to firewall off all the login ports: WHM, cPanel, and a few others (including Webmail).
Those login services are independent of the main httpd that serves up the hosted websites, and they must share a similar code base, with the same vulnerabilities.

nosirrahsec@infosec.exchange

@mttaggart

bersl2@furry.engineer

@mttaggart cPanel has shipped with automatic updates enabled for a very long time. Typically, when systems don't update, either the administrator turned them off, or some piece of critical software supplied by the distro is so obsolete that the newer cPanel releases do not support it anymore.

alesandroortiz@infosec.exchange

@mttaggart Detailed analysis by Watchtowr: https://labs.watchtowr.com/the-internet-is-falling-down-falling-down-falling-down-cpanel-whm-authentication-bypass-cve-2026-41940/