With licensing costs soaring and massive shifts in market share, your choice of a control panel is no longer just about habit - it’s a reflection of your server’s operational strategy. In 2026, are you sticking with the familiar legacy of cPanel, adapting to the developer-first flexibility of Plesk, or prioritising the lightweight, budget-conscious efficiency of DirectAdmin?

Situation
A security vulnerability was found in the plugin provided by LiteSpeed that allowed unauthorized root access to the server.

Impact
In order to mitigate this vulnerability further, it is recommended to disable the LiteSpeed User-End Plugin for cPanel. This plugin will be automatically removed as part of the cPanel update on May 19, 2026, for all cPanel versions.

Note: The LiteSpeed web service will continue to function without issue.

Call to Action
The LiteSpeed plugin will be automatically disabled as part of the cPanel update process. Run the following to ensure that cPanel is fully up-to-date:

Situation
A vulnerability has been reported that currently affects cPanel & WHM versions 132 and higher.

Impact
We have pushed out a patch for the following cPanel & WHM versions:

11.132.0.35 and higher
11.134.0.29 and higher
11.136.0.13 and higher
We have pushed out a patch for the following WP Squared version:

11.136.1.16 and higher
Note: All further versions of cPanel are patched for this issue as well. Please see the latest changelogs for version information of each cPanel branch:
https://docs.cpanel.net/changelogs/

Call to Action
Update the cPanel version on the server to one of the versions listed above. This can be done with the following: