May 20, 2026
Update: Patches have been applied to all affected devices.
We have received advanced information of another patch that is expected to be released at around 5 am PST today.
Beginning immediately once the patch is made available, we will roll out this update across all servers under our management using the same progressive approach as yesterday.
https://status.fullhost.com/cmpd9erfy052up9rm99ty29un
May 14, 2026
Update: Patches have been applied to all affected devices.
Following yesterday's security patch deployment, cPanel has released an enhanced fix for CVE-2026-29205.
Beginning immediately, we will roll out this update across all servers under our management using the same progressive approach as yesterday.
Maintenance notice with updates to be shared through here:
https://status.fullhost.com/cmp5oh2bx04obqjjbfcqislvk
May 13, 2026
Update: Patches have been applied to all affected devices.
cPanel has disclosed five security vulnerabilities rated up to High severity (CVE-2026-29205, CVE-2026-29206, CVE-2026-32991, CVE-2026-32992, CVE-2026-32993) with patches releasing today at 1:00 PM EST / 10:00 AM PST
Beginning at 10:00 AM PST, we will begin rolling out these patches across all servers under our management. Updates will be applied progressively rather than all at once.
Maintenance notice with updates to be shared through here:
https://status.fullhost.com/cmp4aqoob00veqosdy6mbi34p
May 8th, 2026
Update: Patches have been applied to all affected devices.
cPanel has disclosed three security vulnerabilities (CVE-2026-29201, CVE-2026-29202, CVE-2026-29203) with patches releasing today at 12:00 PM EST / 9:00 AM PST.
Beginning at 9:00 AM PST, we will begin rolling out these patches across all servers under our management. Updates will be applied progressively rather than all at once.
Maintenance notice with updates to be shared through here:
https://status.fullhost.com/cmox2b1gg0018n09ywm60fv72
Apr 28th, 2026.
Update: All servers have been patched. If you are experiencing any issues moving forward, please contact Technical Support.
Update: cPanel released a patch a few minutes ago. We're verifying it and rolling it out to all affected servers. Access should be restored within the next hour.
Status: Investigating / Mitigation in place
cPanel has disclosed a critical authentication vulnerability affecting all currently supported versions of cPanel & WHM. No patch is available at this time.
As a precaution, and following cPanel's own guidance, we have temporarily blocked external access to the following ports across our shared and reseller hosting fleet:
-
2083 / 2087 — cPanel & WHM (SSL)
-
2082 / 2086 — cPanel & WHM (non-SSL)
-
2095 / 2096 — Webmail
-
2077 / 2078 — Webdisk (where enabled)
Impact: Customers will be unable to log in to cPanel, WHM, or Webmail via the browser until the restriction is lifted. Websites, email delivery (SMTP/IMAP/POP), DNS, and databases are not affected and continue to operate normally.
What we're doing: We are monitoring cPanel's advisory channel and will deploy the official patch across all affected servers as soon as it is released, after which access will be restored. If you require urgent access to your cPanel account in the meantime, please open a ticket with our support team and we can assist on a case-by-case basis.
We apologise for the inconvenience and appreciate your patience while we prioritise the security of your data and infrastructure.
Updates on this will be posted on our Status Page related to this issue as more information becomes available.
https://status.fullhost.com/cmoj53xm403uywn225c3pn27j
Van-eh105
Related to this incident, was an issue with the database server that needed to be restored. This has been restored, and resolved, there have been lingering issues with some accounts and processes piling up. This does appear to be resolved now, but if you are having issues with errors in your databases, please reach out to support.
https://status.fullhost.com/cmoj6mxri04mlwn22iwu5g1ar
