New: AI Workforce - waiting list open →

    ← Insights
    Security Update8 May 2026 · EveryHost Engineering Team

    EveryHost Ready to Apply Latest cPanel & WHM Security Updates

    Managed cPanel & WHM24/7 UK SupportPCI-DSS CompliantISO-Certified Datacentres
    EveryHost ready to apply cPanel and WHM security updates for CVE-2026-29201, CVE-2026-29202 and CVE-2026-29203

    EveryHost is aware of a new security notification from cPanel regarding upcoming security patches for cPanel & WHM. The disclosed CVE references are CVE-2026-29201, CVE-2026-29202 and CVE-2026-29203. At the time of writing, full technical details have not yet been publicly released by cPanel.

    This is normal for responsible vulnerability disclosure. In many cases, software vendors notify hosting providers before publishing detailed information, so server administrators can prepare to patch quickly without giving attackers unnecessary early guidance. The patch is expected to be released through the standard cPanel update process on 8 May 2026, with manual updates available via the usual cPanel update command once the patched builds are live.

    What EveryHost Is Doing

    EveryHost is preparing to update affected cPanel & WHM servers as soon as the patched versions are available. Our checks include:

    • reviewing cPanel update configuration across managed servers
    • identifying any servers pinned to a specific cPanel version branch
    • preparing manual update commands for affected systems
    • monitoring cPanel's official support channels for the final patched version numbers
    • checking services after update completion
    • reviewing logs and access patterns where appropriate

    Our priority is simple: apply the security updates quickly while keeping hosted websites, email and control panel services stable.

    Why Security Updates Like This Are Becoming More Common

    Security vulnerabilities in major hosting platforms are not new, but the speed of discovery and exploitation is changing. The hosting industry has recently seen serious cPanel-related security activity, including publicly reported authentication-bypass vulnerabilities affecting cPanel & WHM. cPanel's previous advisory confirmed that affected systems required urgent updating and that unsupported or pinned systems could require manual intervention.

    This is part of a wider shift in cyber security. Attackers now have better automation, faster scanning tools and increasingly powerful AI-assisted methods for finding weak targets. That does not mean every vulnerability is caused by AI, but it does mean the time between a public disclosure and attempted exploitation is getting shorter. For hosting providers, the future is clear: security has to be proactive, monitored and fast-moving.

    For further context on how kernel-level vulnerabilities can affect shared hosting environments, see our article on the Linux kernel CVE-2026-31431 vulnerability.

    Why Managed Hosting Matters

    For many businesses, cPanel and WHM sit behind websites, email, databases, backups, DNS zones and customer portals. A missed security update can quickly become more than a technical issue; it can become a business continuity issue.

    With managed hosting from EveryHost, servers are monitored and maintained by people who understand the stack. That includes:

    • cPanel & WHM updates
    • server patching
    • firewall configuration
    • malware scanning
    • backup checks
    • SSL and DNS management
    • email deliverability support
    • post-update service checks

    This is especially important when vendors issue security notices before patches are available. Preparation matters.

    What Customers Need to Do

    Most EveryHost managed hosting customers do not need to take any action. We will handle the server-side updates where the service is managed by us.

    Customers with their own unmanaged VPS, dedicated server or third-party cPanel licence should check:

    • whether automatic cPanel updates are enabled
    • whether the server is pinned to an old cPanel branch
    • whether the operating system is still supported
    • whether /scripts/upcp can run successfully
    • whether WHM, cPanel, Webmail and email services work correctly after updating

    Unsupported systems should be upgraded as a priority.

    Our Position

    Security incidents like this are a reminder that hosting is no longer just about disk space and bandwidth. Modern hosting requires active maintenance, fast patching and sensible risk management. EveryHost is ready to apply the latest cPanel & WHM security updates as soon as they are released, and we will continue to monitor the situation closely.

    For customers concerned about cPanel security, server patching or whether their hosting environment is properly maintained, contact EveryHost for advice.

    Frequently asked questions

    What are CVE-2026-29201, CVE-2026-29202 and CVE-2026-29203?+

    They are three security vulnerabilities disclosed by cPanel affecting cPanel & WHM. Full technical detail is being withheld until the patched builds are released, which is standard practice for responsible disclosure. Patches are expected through the normal cPanel update process on 8 May 2026.

    Do I need to do anything as an EveryHost managed hosting customer?+

    No. Our engineering team applies cPanel and WHM security updates as part of the managed service. We will roll out the patched versions across our server estate as soon as cPanel publishes them.

    I run my own VPS or dedicated server with a third-party cPanel licence. What should I check?+

    Confirm that automatic cPanel updates are enabled, that your server is not pinned to an outdated cPanel branch, and that your operating system is still supported. Run /scripts/upcp once the patched build is live and verify WHM, cPanel, Webmail and outbound mail still work correctly.

    Why does cPanel withhold technical detail before releasing the patch?+

    Publishing exploit detail before a patch exists gives attackers a head start. By notifying hosting providers first and disclosing fully alongside the fix, cPanel limits the window in which automated scanners can target unpatched servers.

    How does EveryHost stay ahead of fast-moving cPanel vulnerabilities?+

    We monitor cPanel's official channels continuously, maintain an up-to-date inventory of every managed server's cPanel branch and OS, and have manual patch procedures prepared in advance so we can act the moment a fix is published.

    Want a hosting environment that stays patched and monitored?

    Talk to a UK engineer directly — no call centres, no tickets to level one support.