LeakyCreds

CVE-2026-41940 - Vulnerability Analysis

Critical | CVSS: 9.8

Last Updated: April 30, 2026

cPanel and WHM - Authentication Bypass

Published: April 29, 2026 | Updated: April 30, 2026 | KEV | PoC Available | Remote Exploitable

Overview

cPanel and WHM versions before 11.110.0.97, 11.118.0.63, 11.126.0.54, 11.132.0.29, 11.134.0.20, and 11.136.0.5 contain an authentication bypass caused by a flaw in the login flow. Unauthenticated remote attackers can gain unauthorized access to the control panel; exploitation requires no authentication.

Severity & Score

Severity: Critical
CVSS Score: 9.8
EPSS Score: 6701.4% (probability of exploitation in the next 30 days)

Impact

Unauthenticated remote attackers can gain unauthorized access to the control panel, compromising system security.

Mitigation

Update to version 11.110.0.97, 11.118.0.63, 11.126.0.54, 11.132.0.29, 11.134.0.20, 11.136.0.5 or later.
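
The fixed builds listed above are per release branch, so a fleet check has to compare each host against the build for its own branch. The following is an added example, not code from cPanel or from this page; it assumes the installed version is available as a four-part string (for example the contents of /usr/local/cpanel/version), and the hostnames and versions in the sample inventory are constructed.

```python
# Added example, not vendor code. Fixed builds are copied from the Mitigation list.
FIXED_BUILDS = ["11.110.0.97", "11.118.0.63", "11.126.0.54",
                "11.132.0.29", "11.134.0.20", "11.136.0.5"]


def parse(version):
    """Turn 'a.b.c.d' into a tuple of ints; reject anything else."""
    parts = version.strip().split(".")
    if len(parts) != 4 or not all(p.isascii() and p.isdigit() for p in parts):
        raise ValueError(f"expected four numeric fields: {version!r}")
    return tuple(int(p) for p in parts)


# Release branch (first two fields) -> first fixed build on that branch.
FIXED_BY_BRANCH = {parse(v)[:2]: parse(v) for v in FIXED_BUILDS}


def assess(version):
    """Classify one installed version as 'patched', 'vulnerable' or 'unknown'."""
    v = parse(version)
    branch = v[:2]
    if branch in FIXED_BY_BRANCH:
        return "patched" if v >= FIXED_BY_BRANCH[branch] else "vulnerable"
    if branch < min(FIXED_BY_BRANCH):
        return "vulnerable"  # older than every fixed build listed
    if branch > max(FIXED_BY_BRANCH):
        return "patched"     # assumption: covered by "11.136.0.5 or later"
    return "unknown"         # branch between listed ones: no fixed build given


def needs_action(inventory):
    """Return sorted (host, version, status) rows that are not confirmed patched."""
    rows = [(h, v, assess(v)) for h, v in inventory.items()]
    return sorted(r for r in rows if r[2] != "patched")


# Constructed sample inventory (hostnames and versions are made up).
SAMPLE = {
    "web01.example.net": "11.110.0.96",
    "web02.example.net": "11.126.0.54",
    "web03.example.net": "11.120.0.5",
    "web04.example.net": "11.136.0.7",
}

if __name__ == "__main__":
    for host, version, status in needs_action(SAMPLE):
        print(f"{host}\t{version}\t{status}")
```

Hosts reported as "unknown" run a branch for which the list gives no fixed build and should be checked against the vendor advisory directly.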

Social Media Activity (5 posts)

Analyst207
@Analyst207
May 11, 2026

cPanel Flaw Exploited to Deploy Filemanager Backdoor Over 2,000 attacker source IPs worldwide are currently involved in automated attacks exploiting a critical cPanel vulnerability, CVE-2026-41940, which allows remote attackers to gain elevated control and deploy malicious backdoors. This flaw has been targeted by multiple actors for a range of malicious outcomes, including… https://osintsights.com/cpanel-flaw-exploited-to-deploy-filemanager-backdoor?utm_source=mastodon&utm_medium=social #CpanelVulnerability #Cve202641940 #AuthenticationBypass #EmergingThreats #MalwareOperations

CyberVeille.ch
@cyberveille
May 9, 2026

📢 CVE-2026-41940: cPanel zero-day exploited 64 days before disclosure, ransomware and botnet deployed 📝 ## 🗓️ Context Article published on May 3, 2026 on webhosting.today by... 📖 cyberveille: https://cyberveille.ch/posts/2026-05-09-cve-2026-41940-zero-day-cpanel-exploite-64-jours-avant-divulgation-ransomware-et-botnet-deployes/ 🌐 source: https://webhosting.today/2026/05/03/the-cpanel-zero-day-was-active-for-64-days-before-anyone-knew/ #Black_Basta #Brutus_Botnet #Cyberveille

AA
@AAKL
May 9, 2026

If you missed this, the updates were released yesterday: https://support.cpanel.net/hc/en-us/articles/40073787579671-Security-CVE-2026-41940-cPanel-WHM-WP2-Security-Update-04-28-2026 The Hacker News: cPanel, WHM Release Fixes for Three New Vulnerabilities https://thehackernews.com/2026/05/cpanel-whm-patch-3-new-vulnerabilities.html @thehackernews #infosec #vulnerability #cPanel

linux
@linux
May 11, 2026

Hackers Exploit CVE-2026-41940 to Take Over cPanel and WHM Servers A critical authentication bypass vulnerability affecting cPanel and WHM servers is currently under active exploitation by a sophis... https://mastodon.social/tags/Cyber https://mastodon.social/tags/Security https://mastodon.social/tags/News https://mastodon.social/tags/Cybersecurity https://mastodon.social/tags/Vulnerability https://mastodon.social/tags/security https://mastodon.social/tags/news https://mastodon.social/tags/vulnerability https://cyberpress.org/hackers-exploit-cve-2026-41940/ | https://awakari.com/sub-details.html?id=linux | https://awakari.com/pub-msg.html?id=aHrsJo2COKpViVYZKWlp7FzOrVw&interestId=linux


GitHub Repositories (66 repos)

Details

CVE ID: CVE-2026-41940
Severity: Critical
CVSS Score: 9.8
Type: broken_authentication
Status: confirmed
EPSS: 6701.4%
Nuclei: Available
Social Posts: 5

CWE

  • CWE-306

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score

6701.4% (probability of exploitation in the next 30 days)
