A critical authentication bypass vulnerability in cPanel & WHM, tracked as CVE-2026-41940, has been exploited by hackers for months, allowing remote attackers to gain administrative access and potentially compromise all websites on shared hosting servers. cPanel has urged users to patch their systems immediately, as approximately 1.5 million instances may be at risk.
The critical cPanel & WHM authentication bypass vulnerability, CVE-2026-41940, has been actively exploited for months, potentially allowing attackers to gain administrative access and control over server configurations. With around 1.5 million cPanel instances potentially exposed, it's crucial for cybersecurity professionals to ensure systems are patched with the latest updates and to utilize detection scripts to identify any signs of compromise. Prioritize immediate patching and consider blocking access to cPanel & WHM ports until systems are secured.