GoDaddy experienced a minor incident on April 28, 2026 affecting Web Hosting and Virtual Private Server (VPS) and 1 more component, lasting 20h 25m. The incident has been resolved; the full update timeline is below.
Affected components
Update timeline
- investigating Apr 28, 2026, 09:41 PM UTC
Due to a critical vulnerability identified by cPanel's developers, we have received guidance to disable access to certain cPanel features. To protect your website and account, we have temporarily disabled access to cPanel and WebHostManager (WHM) administrative interfaces, webmail, and webdisk. Your website will remain accessible. For more information see https://support.cpanel.net/hc/en-us/articles/40073787579671-Critical-Vulnerability-with-cPanel-WHM-Login-Authentication
- investigating Apr 28, 2026, 09:58 PM UTC
We have received the appropriate patch from the vendor and are working to ensure it won't disrupt service to websites and other services. As soon as tests pass and we are confident in the patch and the patch has been successfully applied to shared web hosting, we will re-open the appropriate services. For VPS customers, please follow the guidance below to update to the latest version manually. https://docs.cpanel.net/whm/cpanel/upgrade-to-latest-version/
- identified Apr 29, 2026, 05:37 AM UTC
The patch has been successfully applied to shared web hosting and we have reopened the appropriate services on shared web hosting.
- resolved Apr 29, 2026, 06:07 PM UTC
The cPanel patch has been successfully applied to supported and managed systems, and we have re-opened all cPanel and WHM services.