cPanel security advisory (AV26-499)

Serial number: AV26-499
Date: May 22, 2026

On May 21, 2026, cPanel published security advisories to address vulnerabilities in the following products:

• cPanel & WebHost Manager (WHM) software – version 11.126.0.63 and later, version 11.134.0.30 and later, version 11.136.0.14 and later, WP Squared 11.138.1.1 and later
• EasyApache4 – versions prior to v25.62

The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.

• Security: CVE-2026-33278 cpanel-unbound 1.25.1 Security Release - May 21, 2026
• Security: EasyApache4 v25.62 Security Release - May 21, 2026
• cPanel Security