Dear customers,

We are issuing an urgent security notification regarding a vulnerability identified as CVE-2026-29204 affecting WHMCS. This vulnerability was disclosed on May 13, 2026, and a fix was released on May 14, 2026.

This issue could potentially allow unauthorized access to administrative functions or expose sensitive client data. To protect your billing system and customer information, you must update your WHMCS installation immediately.

ACTION REQUIRED: UPDATE WHMCS

  1. Verify Your Current Version Log in to your WHMCS admin area and check the version number displayed in the footer or under Utilities > System > System Information.

  2. Apply the Security Patch You must upgrade your WHMCS installation to version 8.10.1 or higher. This version includes the fix for CVE-2026-29204.

Recommended Update Methods:

Option A: Automated Update (If enabled)

  • Log in to WHMCS Admin Area.
  • Navigate to Utilities > System > Auto Updater.
  • Click the Update button to download and install the latest version.

Option B: Manual Update

  • Download the latest version (8.10.1 or higher) from the official WHMCS website or your account portal.
  • Follow the official WHMCS upgrade guide to replace your existing files and run the database upgrade script.
  • Ensure you create a full backup of your files and database before proceeding.
  1. Verification After updating, verify that your installation is running version 8.10.1 or higher. You can confirm this by checking the version number in the admin footer or by running the command php -r "echo WHMCS_VERSION;" in your server terminal if CLI access is configured.

MINIMUM PATCHED VERSION REQUIREMENTS

  • Minimum Safe Version: WHMCS 8.10.1
  • Release Date: May 14, 2026
  • Vulnerability Fixed: CVE-2026-29204

If your current version is lower than 8.10.1, your system is vulnerable and requires immediate attention.

ADDITIONAL RESOURCES

For detailed instructions on the update process and technical specifics regarding this vulnerability, please refer to the official WHMCS security advisory: https://help.whmcs.com/m/125386/l/2073908-cve-2026-29204

NEED ASSISTANCE?

Our support team is available to assist with:

  • Verifying your WHMCS version
  • Guiding you through the manual update process
  • Performing pre-update backups

Thank you for prioritizing the security of your billing infrastructure.

Sincerely,
Yours UndergroundPrivate.com

 



Thursday, May 14, 2026

« Back