1. cPanel & WHM Documentation
  2. Change Logs
  3. cPanel & WHM Change Log
  4. 126 Change Log

126 Change Log

Last modified: 2026 April 6

126.0.52

2026-04-06
  • Fixed CPANEL-50423: Prevent team sub-account members from accessing WHMCS integration endpoints to block a privilege escalation path to WHM root.
  • Fixed CPANEL-51415: Cleanup locale bits in cPStore Market Provider.
  • Fixed CPANEL-52185: The MultiPHP Manager outdated PHP banner now includes a description explaining that outdated PHP versions no longer receive security updates and recommends PHP ELS. The More Info link is positioned inline with the description instead of pushed to the far right.
  • Fixed CPANEL-52300: Only re-throw non-TimeoutError exceptions in updateLicense() so the timeout recovery path is able to run.
  • Fixed CPANEL-52339: Update cpanel-roundcubemail to 1.6.15.
  • Fixed CPANEL-52361: Do not promote PHP ELS on servers that have an immunify360 license.
  • Fixed CPANEL-52428: Fix cPanel MultiPHP Manager failing to display installed PHP versions with an out of date ea-cpanel-tools package.

126.0.50

2026-03-30
  • Fixed CPANEL-43087: Removed use of cpanel side user cache files.
  • Implemented CPANEL-51576: Add WHM API function to report the count of domains using end-of-life PHP versions.
  • Implemented CPANEL-51579: Make EOL and hardened PHP versions more visually apparent in EasyApache 4 and MultiPHP Manager output.
    • Label outdated and secured PHP versions in the MultiPHP Manager UI.
    • Redesign the PHP ELS installation progress indicator in MultiPHP Manager.
    • Add a PHP Status indicator to the WHM sidebar to highlight end-of-life and hardened PHP versions.
  • Fixed CPANEL-51765: PHP versions older than the system-configured minimum are now labeled “Outdated” in the MultiPHP Manager and EasyApache 4 CloudLinux interfaces, replacing the previous “Deprecated” label.
  • Fixed CPANEL-51959: Fix styling of the Cancel button in the outdated PHP version confirmation dialog on the WHM MultiPHP Manager page.
  • Fixed CPANEL-52182: Update cpanel-geoipfree-data.
  • Fixed CPANEL-52225: CPAN updates, addressing CVE-2026-4177, CVE-2006-10002, CVE-2006-10003.

126.0.49

2026-03-23
  • Fixed CPANEL-51920: Upgrade Compress::Raw::Zlib to 2.220+ to address CVE-2026-3381.
    • The previous version bundled a vulnerable zlib version earlier than 1.3.2.
    • Also upgrades IO::Compress and Compress::Raw::Bzip for compatibility.
  • Fixed CPANEL-52098: Update cpanel-roundcubemail to 1.6.14.
    • Fix pre-auth arbitrary file write via unsafe deserialization in redis/memcache session handler.
    • Fix password change without old password validation.
    • Fix IMAP Injection and CSRF bypass in mail search.
    • Fix remote image blocking bypass via SVG animate attributes and body background attribute.
    • Fix fixed position mitigation bypass via use of !important.
    • Fix XSS issue in HTML attachment preview.
    • Fix SSRF and Information Disclosure via stylesheet links to local network host.

126.0.48

2026-03-09
  • Fixed CPANEL-46546: Fix Ticket Assist firewall detection when Imunify360 creates /etc/csf without installing the CSF binary.
  • Fixed CPANEL-51916: Upgrade Net::CIDR to 0.27 to address CVE-2021-4456.
  • Fixed CPANEL-51918: Upgrade Crypt::URandom for CVE-2026-2474.
  • Implemented CPANEL-51430: Add automatic reissuance of short-lived (200-day) SSL certificates via the cPanel Store API.

126.0.47

2026-03-02
  • Fixed CPANEL-50847: Unprivileged users can access Mailman backups. Fix updates cpanel-mailman to 2.2.0.35-1.cp126 and restricts permissions on Mailman backup directory/files.
  • Implemented DUCKS-5070: Initial setup of cpanel-bannerx-plugin. Adds Imunify promotion banner to WHM Security Advisor and WHM Home Page. (cPanel Direct Promotion Only)

126.0.46

2026-02-23
  • Case SEC-67580: Fix cPanel File Download Endpoint IDOR Vulnerability.
    • CVSS Score: 6.5
    • CVSS 3.1:AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
    • Reporter: Rhevin Fardhika
  • Implemented CPANEL-47921: Added a new tweak setting to control web server log archive retention and a script to perform automated cleanup.
  • Implemented CPANEL-47921: Added WHM API for managing web server log retention settings across accounts.
  • Implemented CPANEL-47921: Added log retention controls to the Raw Access and Log Manager interfaces.
  • Implemented CPANEL-47921: Added a WHM interface for managing web server log retention settings across cPanel accounts.

126.0.45

2026-02-16
  • Fixed CPANEL-51509: Update cpanel-roundcubemail to 1.6.13. Fix CSS injection vulnerability reported by CERT Polska. Fix remote image blocking bypass via SVG content reported by nullcathedral.
  • Fixed CPANEL-51092: Modify SpamAssassin to recognize different Exim behavior when using the “+all” log selector.

126.0.44

2026-02-02
  • Fixed CPANEL-48145: Remove AutoDomain from vhost aliases.
  • Fixed CPANEL-49681: Fix proxydomains CalDAV/CardDAV SRV records writing literal ‘%domain%’ placeholder instead of actual domain name to DNS zones.
  • Fixed CPANEL-50385: Fix 404 errors when granting support access for forked tickets where SSH keys already exist from parent tickets.
  • Fixed CPANEL-51164: Update PHP to 8.3.30.
  • Implemented CPANEL-50759: Fix EasyApache4 wizard to correctly auto-select PHP extensions when installing ALT PHP versions from CloudLinux.

126.0.42

2026-01-16
  • Fixed CPANEL-51117: Fix “Oops” page on mysql roundcube.

126.0.41

2026-01-15
  • Fixed CPANEL-51044: Fix location of 999-cpanel-plugins.inc.php in cpanel-roundcubemail-plugins-cpanel package.

126.0.40

2026-01-12
  • Implemented CPANEL-50953: Add survey widget ‘formbricks’ to Roundcube via plugin.

126.0.39

2026-01-06
  • Fixed CPANEL-49029: Fixed stored XSS vulnerability in File Viewer.
  • Improved CPANEL-50270: Updated Exim mail server to version 4.99.
  • Improved CPANEL-50327: Added Site Publisher deprecation notification to WHM.
  • Improved CPANEL-50462: Updated Unbound DNS resolver to version 1.24.2.
  • Improved CPANEL-50480: Updated phpPgAdmin to version 7.14.7.
  • Improved CPANEL-50493: Improved PHP Extended Lifecycle Support banner display and installation workflow.
  • Improved CPANEL-50549: Improved integration with Jodit Editor.
  • Fixed CPANEL-50682: Fixed EasyApache UI error when package data exceeds localStorage limits.
  • Improved CPANEL-50737: Updated Roundcube webmail to version 1.6.12.

126.0.38

2025-12-18
  • Fixed CPANEL-50788: Update cpanel-php to 8.3.29.
    • Fixed CVE-2025-14177: Information Leak of Memory in getimagesize.
    • Fixed CVE-2025-14178: Heap buffer overflow in array_merge.
    • Fixed CVE-2025-14180: PDO quoting result null deref.

126.0.37

2025-11-05
  • Case SEC-70235: Fix CVE-2025-66429 - Local privilege escalation vulnerability due to directory traversal in Team Manager API.
    • CVSS Score: 9.3
    • CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
    • Reporters: Philip Okhonko, Sergey Gerasimov of SolidLab LLC
  • Fixed CPANEL-49111: Arbitrary webmail account access possible for users missing ACL for feature.
  • Fixed CPANEL-49422: Line-wrap the encoded SpamAssassin report in email headers to better comply with RFC 2047.
  • Fixed CPANEL-49683: Update awstats pkg for CWE-78/PTT-2025-021.
  • Fixed CPANEL-50004: Update PHP to 8.3.27.

126.0.36

2025-10-16
  • Fixed CPANEL-46200: Unship cpanel-postgresql to address CVE-2024-7348 for pg_dump.
  • Fixed CPANEL-46939: Stored XSS in Mailing List archives
    • Reporter: John Lightsey
    • Severity: 4.3 CVSS 3.1:AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
  • Fixed CPANEL-48012: Reinitialize CardDAV config post-transfer.
  • Fixed CPANEL-48586: Update mailman to version 2.2.0.32-1.cp126.
  • Fixed CPANEL-49111: Arbitrary webmail account access possible for users missing ACL for feature.
  • Fixed CPANEL-49116: Arbitrary file download possible for users missing ACL for filemanager feature.
  • Fixed CPANEL-49138: Integrate Jodit Editor into File Manager as the new HTML Editor (beta).
  • Fixed CPANEL-49138: Remove the ‘HTML Editor Removal’ Notification in WHM.
  • Fixed CPANEL-49487: Update cpanel-php to 8.3.26.
  • Fixed CPANEL-49551: Fixed issue where user’s crontab does not delete when the cPanel account is terminated.
  • Fixed CPANEL-49670: Update YAML::Syck to 1.36 for CVE-2025-11683.
  • Implemented CPANEL-48174: Optimize wptk api routes.

126.0.35

2025-09-25
  • Fixed Case CPANEL-48812: Arbitrary webmail account access possible for users missing ACL for feature
    • Credit: MATETIC, Luka
    • Severity: 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
    • Note: The case was mis-labeled as CPANEL-46580 previously

126.0.33

2025-09-23
  • Fixed CPANEL-49179: updateuserdomains was hiding preexisting users with reserved names.
  • Fixed CPANEL-48405: Ensure that email headers containing SpamAssassin reports are properly escaped to comply with RFC 2047
    • Reporter: Chris Pirazzi
    • Score: 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

126.0.32

2025-09-17
  • Fixed CPANEL-48317: Upgrade AWStats to 8.0.
  • Fixed CPANEL-48960: Fix potential race condition in the cPanel Log and Bandwidth Processor daemon.
  • Fixed CPANEL-49106: Update Cpanel::JSON::XS and JSON::XS to address CVE-2025-40929.
  • Fixed CPANEL-49215: Bump rpm.versions for cpanel-geoipfree-data.

126.0.31

2025-09-10
  • Fixed CPANEL-46582: Security Update: Add local sudoers group names to reserved username
    • Credit: Ionut Cernica
    • CVSS Score: 6.0 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

126.0.30

2025-09-09
  • Fixed case CPANEL-48811: Security Update: Generic Unseen Parameters Discovery in resetpass.cgi
    • Blocked unauthenticated users from enabling debug mode via a query parameter in the URL.
    • Credit to reporter: adwin
    • CVSS Score: 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

126.0.29

2025-09-04
  • Fixed CPANEL-48276: Personhood removals and Analytics Consent functionality based on Leika
  • Fixed CPANEL-46144: Lower log level from debug to error to reduce spam to error_log.
  • Fixed CPANEL-48958: Update PHP to 8.3.25.
  • Fixed CPANEL-49051: Update CGI::Simple to address CVE-2025-40927.
    • (While not used by cPanel & WHM itself we do ship this module and therefore including it to stay up to date)

126.0.28

2025-08-21
  • Fixed CPANEL-48296: Update cpanel-sqlite to 3.50.3 for CVE-2025-6965.
  • Fixed CPANEL-48744: WHM Notification that ConfigServer is shutting down.

126.0.27

2025-07-16

  • Fixed CPANEL-48142: Update cpanel-php83 to 8.3.23 in etc/rpm.versions.

    • Fixed GHSA-hrwm-9436-5mv3 (pgsql extension does not check for errors during escaping). (CVE-2025-1735)
    • Fixed GHSA-453j-q27h-5p8x (NULL Pointer Dereference in PHP SOAP Extension via Large XML Namespace Prefix). (CVE-2025-6491)
    • Fixed GHSA-3cr5-j632-f35r (Null byte termination in hostnames). (CVE-2025-1220)

  • Fixed CPANEL-48149: Bump rpm.versions for update to cpanel-git-2.48.2.

126.0.25

2025-06-26
  • Fixed CPANEL-47871: Upgrade to clamav 1.0.9 for CVE-2025-20260.

126.0.24

2025-06-13
  • Fixed case CPANEL-47687: Bump rpm.versions for cpanel-php83 update to 8.3.22.
  • Fixed case CPANEL-47693: Add HTML Editor removal notice to WHM Notification center.

126.0.23

2025-06-10
  • Fixed CPANEL-47735: The directory /usr/local/cpanel/whostmgr/addonfeatures/ was unintentionally removed in a previous commit. This update restores the directory to maintain expected file structure and prevent potential issues with dependent features. No additional changes were made beyond the restoration.

126.0.21

2025-06-10
  • Fixed CPANEL-46032: Update cpanel-awstats to 7.9-2.
  • Fixed CPANEL-47113: Block transfers of temp domains to servers that do not support it.
  • Fixed CPANEL-47266,CPANEL-47080,CPANEL-47086,CPANEL-47564: Multiple Mailman fixes (Mailman 2.2.0.31).
  • Fixed CPANEL-47605: Remove "HTML Editor" from cPanel >> FileManager, as it relies on an EOL version of ckeditor which has known CVEs against it.
  • Fixed CPANEL-47664: Update cpanel-file-find-rule to 0.35 to fix CVE-2011-10007.
  • Fixed CPANEL-47693: Add a notice within the Feature Showcase about ckeditor removal.

126.0.19

2025-06-02
  • Fixed case CPANEL-47587: Update Roundcube to 1.6.11 to fix CVE-2025-49113.

126.0.18

2025-05-29
  • Fixed CPANEL-46537: Bump cpanel-mailman version to 2.2.0-22 for 126.
  • Fixed CPANEL-46595: Update cpanel-roundcubemail to 1.6.9.9-1.
  • Fixed CPANEL-46609: Update cpanel-mailman to 2.2.0.21-1.
  • Fixed CPANEL-46815: Update cpanel-roundcubemail to 1.6.10 in etc/rpm.versions.
  • Fixed CPANEL-46819: Update Exim to 4.9.2.
  • Fixed CPANEL-46823: Update re2c to 4.2.
  • Fixed CPANEL-46839: Bump rpm.versions to update cpanel-clamav to 1.0.8-1.cp118.
  • Fixed CPANEL-46845: Update PowerDNS to 4.9.5.
  • Fixed CPANEL-46906: Provide module to work with Leika data.
  • Fixed CPANEL-46938: Bump cpanel-mailman version to 2.2.0-23.
  • Fixed CPANEL-47227: Bump rpm.versions for cpanel-php83 update.
  • Fixed ZC-12783: Prevent cpdavd deadlocks by isolating SSL_CTX in child processes.
  • Implemented CPANEL-46909: Teach CpKeyClt about leika data.

126.0.16

2025-04-24
  • Fixed CPANEL-46530: Mailman upgrade backup from python2 -> python3 can create extraordinarily large backups
  • Fixed CPANEL-46551: Mailman ( python3 ) : AttributeError: ‘bytes’ object has no attribute ’encode’
  • Fixed CPANEL-46556: Unable to unshunt messages
  • Fixed CPANEL-46529: Unicode digest issues
  • Fixed MOON-2974: The Consent and Gathering step of the cPanel welcome modal may be temporarily dismissed.
  • Fixed RE-1425: Update EOL blocker message in upcp to reference ELevate where relevant.
  • Fixed RE-1477: Bump rpm.versions for cpanel-perl-536.
  • Fixed RE-1487: Bump rpm.versions for cpanel-php83 8.3.20.

126.0.14

2025-04-13
  • Fixed RE-1477: Update rpm.versions for cpanel-perl-536: CVE-2024-56406: Heap-buffer-overflow with tr//

126.0.13

2025-04-08
  • Fixed CPANEL-46530: Update Mailman to 2.2.0.16-2: adds some limits to the one time backup that happens for mailman when upgrading to the python3 version.
  • Fixed HB-8228: Update Mailman to version 2.2.0-15 to fix module imports.
  • Fixed RE-1159: Allow Security Advisor to begin recommending ELevate to users of AlmaLinux 8.
  • Fixed RE-1358: Fix IPv6 Overlap check for shared IP in Whostmgr::TweakSettings::Basic.
  • Fixed WPX-6232: Improve bin/checkallsslcerts pre-DCV checks and error handling.
  • Fixed case MOON-2951: Update in-app TypeForm Survey URL's.

126.0.11

2025-03-26
  • Fixed RE-1418: Update cpanel-exim to 4.98.1-2.cp118 in etc/rpm.versions to fix CVE-2025-30232.

126.0.10

2025-03-19
  • Fixed case HB-8187: Fix roundcube conversion for large number of events.
  • Fixed case HB-8199: Update Mailman to version 2.2.0.14-1.
  • Fixed case HB-8223: Fix Mailman config file ownership after a hostname change.
  • Fixed case RE-1274: Update cpanel-ioncube to 14.4.0 in rpm.versions.
  • Fixed case RE-1318: Fix Security Advisor detection of Suexec.
  • Fixed case RE-1322: Fix bug in the AdminBin layer where the "enable_api_log" setting in cpanel.config could cause API calls to fail for suspended accounts.
  • Fixed case RE-1393: Update cpanel-php83 to 8.3.19 in etc/rpm.versions. (CVE-2025-1736, CVE-2025-1861, CVE-2025-1734, CVE-2025-1217, CVE-2025-1219, CVE-2024-11235)

126.0.9

2025-03-04
  • Fixed HB-8200: Update Mailman to version 2.2.0.11-1, upgrade and archive related fixes.
  • Fixed HB-8201: Fix mailman AttributeError: 'Message' object has no attribute 'policy'.
  • Fixed RE-1319: Reject DB imports larger than PHP download limits in myadmin.
  • Fixed RE-1346: Resume use of BIND zone-checking utilities when ALIAS records are not present.
  • Fixed RE-1360: Update Mailman to version 2.2.0.11-2.

126.0.6

2025-02-25
  • Fixed CPANEL-46432: Teach the (deprecated) Sectigo AutoSSL provider to recognize certificates signed by an updated CA.

126.0.5

2025-02-24
  • Fixed HB-8184: Add touchfile to disable cpdavd TLS caching for OpenSSL < v3.
  • Fixed HB-8202: Update mailman to 2.2.0.10-1 to fix DMARC handling.
  • Fixed RE-1219: Update cpanel-analog, cpanel-ldns, cpanel-libzip, cpanel-libtidy, cpanel-mariadb-connector, cpanel-p0f, cpanel-puttygen, cpanel-re2c, cpanel-rrdtool, and cpanel-webalizer.
  • Fixed RE-1227: Update BackBlaze B2 backup transport to use the v3 API.
  • Fixed RE-1229: Fix issue with BIND leaving cruft in the named.conf file when deleting accounts after having rebuilt the dns config.
  • Fixed RE-1277: Update cpanel-php83 to 8.3.17.
  • Fixed RE-1326: Update cpanel-exim to 4.98.1 for CVE-2025-26794.
  • Fixed ZC-12594: Fix failure to upgrade to MariaDB 11.4.
  • Implemented RE-1292: Ship cpanel-perl-536-datetime-event-recurrence and dependencies.
  • Implemented RE-1339: Ship cpanel-perl-536-datetime-event-ical.

126.0.4

2025-02-11
  • Fixed RE-1211: Remove restriction on IPv6 range addition when the range only overlaps the server's Main IP.
  • Case ZC-12552: Remove generated hostnames from Change Hostname
  • Case ZC-12553: Prevent cprapid.com accounts/domain creation

126.0.3

2025-02-05
  • DUCKS-1974: Initial release of the Social Media Management (powered by SocialBee) plugin for select company IDs
  • DUCKS-1769: Initial release of the SEO plugin for select company IDs
  • Fixed HB-7752: Fix several issues with Reminders app on MacOS, improve migration.
  • Fixed HB-8126: Update cpanel-mailman to 2.2.0.8-1.
  • Fixed RE-780: Update recoverymgmt cron to only execute once per day.
  • Fixed RE-922: Filter out CloudLinux Network messages to prevent Security Advisor false positives.
  • Fixed RE-982: Skip slow rollout when the major version for the release and stable tier are the same.
  • Fixed RE-994: Ensure packages created by resellers default to the value set for "Max hourly emails per domain" in the Tweak Settings.
  • Fixed RE-1166: Update ProFTPD to 1.3.8c.
  • Fixed RE-1173: Update cpanel-php83 to 8.3.16.
  • Fixed RE-1178: Fix issue in cpanel's internal error reporting logic when UID or GID cannot be found for a given user/group combo.
  • Fixed RE-1182: Update cpanel-sqlite to 3.48.0.
  • Fixed RE-1188: Update cpanel-phpmyadmin to 5.2.2.
  • Fixed RE-1190: Update cpanel-p0f to 3.09b-2.cp108.
  • Fixed RE-1192: Update cpanel-pigz to 2.4-2.cp108.

126.0.2

2025-01-14
  • Fixed HB-8125: Mailman analytics integration.
  • Fixed HB-8169: Update cpanel-mailman to 2.2.0.6-1.
  • Fixed RE-938: Revert CPANEL-42994: broke unusual but valid behavior in the addaddondomain API call.
  • Fixed RE-984: Better handle a missing cPanel install version file when collecting UI analytics information.

126.0.1

2025-01-08
  • Fixed DUCKS-847: Sitejet will not throw 400 after Transfer Tool process.
  • Fixed DUCKS-1455: Include agent360 in reserved usernames list.
  • Fixed HB-7679: Track UI events on the Email Deliverability page.
  • Fixed HB-7748: Tighter Exim requirements for sending local mail.
  • Fixed HB-7933: Update cpanel-roundcubemail to v1.6.9.0.
  • Fixed HB-7948: Update Roundcube for multiple bugfixes.
  • Fixed HB-7964: Fix issue that was preventing calendar invites from being sent.
  • Fixed HB-8063: Collect Webmail login origin point via Mixpanel.
  • Fixed HB-8115: Update cpanel-mailman to 2.2.0.3 and cpanel-dnspython to 2.1.0 with python3.
  • Fixed HB-8123: Remove remaining python2 references that coincide with Mailman2.
  • Fixed MOON-52: Internal Angular upgrade to version 18.
  • Fixed MOON-1994: Fixed checkbox selection issue on initial setup.
  • Fixed MOON-2025: Improved consistency of scrollbar appearance in the left sidebar of WHM.
  • Fixed MOON-2151: Interface analytics for cPanel are now configured in Account Preferences.
  • Fixed MOONS-1699: Corrected jump location for anchor links on the Edit Database Configuration page for WHM.
  • Fixed MOONS-1743: Angular 16 and dependency library upgrades.
  • Fixed RE-567: Update French translations.
  • Fixed RE-646: Return proper message when the “fetch_vhost_ssl_components” WHM API1 call has an internal error.
  • Fixed RE-676: Retire the cpanel-dovecot-xaps package and the associated UI in WHM for installing APNS certs.
  • Fixed RE-726: Fixed the "SSH Password Authorization Tweak" for cases where the sshd configuration file has an include directory.
  • Fixed RE-758: Update cpanel-git to 2.46.1.
  • Fixed RE-769: Assure Imunify360/AVPlus install happens exclusively.
  • Fixed RE-771: For the timezone cookie, set the "Secure" attribute to true.
  • Fixed RE-819: Remove "additional-from-cache" line from BIND config for BIND versions 9.16 and above.
  • Fixed RE-842: Update cpanel-exim to 4.98.
  • Fixed RE-868: Fix an exception when shutting down socket connections in Cpanel::Server::Connection::SSL.
  • Fixed RE-873: Update cpanel-unbound to 1.21.1 (fixes CVE-2024-8508).
  • Fixed RE-884: Optimize _get_account_age function in UIAnalytics template plugin.
  • Fixed RE-884: Optimize load of Koality cpanel template plugin.
  • Fixed RE-884: Optimize get_root_age call in UIAnalytics plugin initialization.
  • Fixed RE-890: Internal upgrade to node 22.
  • Fixed RE-909: Fix issue in bin/rebuild-templates where templates were not rebuilt by adding a –force option and using that during upcp.
  • Fixed RE-909: Fix bug in bin/rebuild-templates where it regenerated templates based on previously compiled templates.
  • Fixed RE-1035: Update AWStats to version 7.9.
  • Fixed RE-1037: Update cpanel-dovecot to 2.3.21.1.
  • Fixed RE-1038: Make cPanel depend on the Zstd library.
  • Fixed RE-1038: Update cpanel-mariadb-connector to 3.3.13.
  • Fixed RE-1040: Update RRDtool to 1.9.0.
  • Fixed RE-1041: Upgrade SQLite to 3.47.2.
  • Fixed RE-1063: Drop support for Python2 in cPanel & WHM.
  • Fixed RE-1072: Update cpanel-pdns to rely on upstream libboost and mark the cpanel-boost packages as obsolete in rpm.versions.
  • Fixed RE-1074: Update cpanel-php83 to 8.3.15 in rpm.versions.
  • Fixed RE-1091: Remove cpanel-perl-536-inline-python.
  • Fixed WPX-4100: Return 'Settings' functionality to WP2 >> Filemanager.
  • Fixed WPX-4243: Restore send bandwidth email notification in Tweak Settings.
  • Fixed WPX-4360: Refactor the lock from Accounts::Create into a reusable module.
  • Fixed WPX-4516: Add a global exception handler the checkallsslcerts.
  • Fixed WPX-4727: Add OpenAPI documentation to WHM.
  • Fixed WPX-4859: Fix issue to create account when using French locale.
  • Fixed WPX-5117: Avoid adding multiple cprapid entries in Apache configuration.
  • Fixed WPX-5193: Update GeoIP DB to version 20241210.
  • Fixed ZC-12185: Introduce support for MySQL 8.4.
  • Fixed ZC-12322: Fix check_mysql false positives on MariaDB 11.4.
  • Fixed ZC-12323: Update references to deprecated MySQL utilities.
  • Fixed ZC-12388: Fix DNS using outdated config cache.

Additional Documentation