CVE-2026-41940 is a critical authentication bypass vulnerability in cPanel & WHM affecting all currently supported versions. The flaw stems from improper session data sanitization that allows attackers to bypass authentication checks. The vulnerability was actively exploited as a zero-day against hosting infrastructure managing millions of domains before patches were released.
cPanel and WHM Authentication Bypass – CVE-2026-41940
Session data sanitization flaw in cPanel & WHM (CVE-2026-41940) enabled zero-day authentication bypasses against millions of hosted domains before patches shipped.
Friday, May 1, 2026 12:00 PM UTC | 2 min read | Source: Hacker News | By sys://pipeline