Critical cPanel & WHM Vulnerability Exploited as Zero-Day for Months
The authentication bypass flaw allows attackers to gain administrative access to vulnerable servers.
Hackers have been exploiting a critical-severity authentication bypass vulnerability in the cPanel & WHM (WebHost Manager) server and site management platform for months.
Tracked as CVE-2026-41940 (CVSS score of 9.8), the flaw was disclosed on April 28, when cPanel urged immediate patching, warning that all software versions after 11.40 are affected, but refraining from sharing technical information.
Affecting the login flow, the security defect could allow remote, unauthenticated attackers to gain administrative access to the control panel, essentially leading to system takeover.
Source: https://www.securityweek.com/critical-cpanel-whm-vulnerability-exploited-as-zero-day-for-months/
Related breach coverage
- All supported cPanel versions hit by critical auth bug, now patched (2026-04-29)
cPanel fixed a critical authentication flaw that could let attackers access servers. The issue affects all supported versions. cPanel released security updates to address a critical authentication vulnerability that could allow attackers to gain unauthorized access to its control panel. The flaw affects all supported versions, raising serious risks for exposed servers. cPanel is a […]
- Fresh LiteLLM Vulnerability Exploited Shortly After Disclosure (2026-04-29)
The vulnerability allows attackers to read data from a LiteLLM proxy’s database and potentially modify it.
- SonicWall Urges Immediate Patching of Firewall Vulnerabilities (2026-04-30)
The bugs could be exploited to bypass security controls, access restricted services, and crash firewalls.
- Critical cPanel and WHM bug exploited as a zero-day, PoC now available (2026-04-30)
The critical CVE-2026-41940 authentication bypass vulnerability in cPanel, WHM, and WP Squared is being actively exploited in the wild and has been leveraged in attempts since late February. [...]
