Exim CVE-2019-10149 - Urgent Security Notice For Anyone Using cPanel & WHM Version 78 or lower


Staff member
Apr 11, 2011
Hello Everyone,

You can find our blog post and Knowledge Base article on this topic at the links below:

Exim CVE-2019-10149, how to protect yourself | cPanel Blog
CVE-2019-10149 Exim - cPanel Knowledge Base - cPanel Documentation

Here's an overview of how CVE-2019-10149 applies to specific cPanel & WHM versions:

1. cPanel & WHM version 80 uses Exim version 4.92 and is unaffected by this vulnerability.

2. An update to cPanel & WHM version 78 was published to the STABLE and 78 LTS release tiers on June 5th, 2019 with the following fix included in the change log:

Fixed case CPANEL-27723: Update exim to 4.92-1.cp1178. Fixes CVE-2019-10149.

If you are using cPanel & WHM version 78 and Daily Updates is set to Never or Manual Updates Only in WHM >> Update Preferences, then you should initiate the update to version 78.0.27 immediately to ensure the patch for this vulnerability is applied. For information on how to update cPanel & WHM, see the document below:

Upgrade to Latest Version - Version 78 Documentation - cPanel Documentation

3. If you're using cPanel & WHM version 76 or lower, please see the information published to the cPanel Blog on the link below:

Exim CVE-2019-10149, how to protect yourself | cPanel Blog

Let us know if you have any questions or need assistance with the update.

Thank you.
Last edited: