Namecheap incident

Urgent Security Update for cPanel VPS/DS (CVE-2026-41940)

Major Resolved View vendor source →

Namecheap experienced a major incident on May 1, 2026 affecting Hosting and VPS and 1 more component, lasting 41d 13h. The incident has been resolved; the full update timeline is below.

Started
May 01, 2026, 12:21 AM UTC
Resolved
Jun 11, 2026, 02:13 PM UTC
Duration
41d 13h
Detected by Pingoru
May 01, 2026, 12:21 AM UTC

Affected components

HostingVPSDedicated Servers

Update timeline

  1. investigating May 01, 2026, 12:21 AM UTC

    Dear Customers, We would like to inform you that recently an exploit related to older versions of the cPanel was found: https://support.cpanel.net/hc/en-us/articles/40073787579671-Security-CVE-2026-41940-cPanel-WHM-WP2-Security-Update-04-28-2026 Due to this exploit, those User-Responsible servers that are not using the most recent cPanel version may be at risk of unauthorized access or system instability. To ensure your data remains secure, we … Continue reading Urgent Security Update for cPanel VPS/DS (CVE-2026-41940) → The post Urgent Security Update for cPanel VPS/DS (CVE-2026-41940) appeared first on Namecheap Status.