By Month

May 2026
Nov 2020
Apr 2020
Dec 2019
Jul 2019
Sept 2018
Jun 2018
May 2018
Sept 2017
Jan 2016
Older Announcements...
View RSS Feed

  By Month

  Support

My Support Tickets
Announcements
Knowledgebase
Downloads
Network Status
Open Ticket

URGENT Security Action Required: Recent cPanel Vulnerability (CVE-2026-41940)

  • Sunday, 3rd May, 2026
  • 13:31pm

Dear Client,

We are reaching out to inform you of a critical security update regarding a vulnerability recently identified in cPanel/WHM (CVE-2026-41940).

While we have already applied the necessary security patches at the server level to close the vulnerability, standard security protocols dictate that you perform a comprehensive audit of your account. This is a preventative measure to ensure that no unauthorized access occurred or persistence was established prior to the patch.

Please perform the following actions immediately:

1. Rotate All Passwords and Tokens

You should update the credentials for every service associated with your account. This includes:

  • cPanel Access: Reset your main account password.

  • FTP / SFTP: Update passwords for all secondary FTP users.

  • Email Accounts: Change passwords for every email address on your domain.

  • Databases: Update all MySQL user passwords. Note: After changing these, you must manually update your configuration files (e.g, or config.php) so your website remains online.

  • API & SMTP: Any API keys, SMTP passwords, or webhook secrets stored in environment variables or config files should be rotated.

  • CMS Admin Panels: Reset admin passwords for WordPress, Joomla, or any other web applications you use.

2. Audit Your Account for Persistence

It is vital to check if any "backdoors" were created. Please log in to your cPanel and review the following sections for any items you do not recognize:

  • Email Forwarders: Ensure no unauthorized addresses are receiving copies of your mail.

  • Cron Jobs: Check for suspicious scheduled tasks that you did not create.

  • FTP Accounts: Verify that no new, unauthorized FTP users have been added.

  • SSH Access: Check for any unfamiliar authorized keys.

  • File Manager: Look for any new or suspicious .php files (often with random names) in your public_html folder or any files modified within the last 7 days that you did not change.

If you notice any suspicious activity or have questions regarding these steps, please contact our support team immediately so we can assist you with a deeper investigation.

Thank you for your prompt attention to this security matter.

Best regards,
Omni Links Support Team

« Back

  Support

My Support Tickets
Announcements
Knowledgebase
Downloads
Network Status
Open Ticket