A critical authentication bypass flaw in cPanel and WebHost Manager, tracked as CVE-2026-41940, is under active exploitation, allowing attackers full root access to servers. Major hosting providers ...

A critical authentication bypass vulnerability in cPanel and WHM, used by millions of websites, is being actively exploited by hackers. The flaw, CVE-2026-41940, allows attackers to bypass login ...

Web hosting software vendor cPanel has issued patches for a critical vulnerability in its software that is under exploitation ...

Web hosts are scrambling to fix the bug under active attack by hackers. One company said hackers have been abusing the bug ...

CVE-2026-41940 is a critical authentication bypass vulnerability affecting cPanel & WHM, including DNSOnly, in versions after ...

SonicWall has patched three vulnerabilities in SonicOS, leading to bypasses, unauthorized access, and device crashes.

A critical cPanel authentication vulnerability (CVE-2026-41940) has been identified with active exploits. Update your server ...

The critical CVE-2026-41940 authentication bypass vulnerability in cPanel, WHM, and WP Squared is being actively exploited in ...

A critical-severity authentication bypass vulnerability in cPanel & WHM has been exploited as a zero-day since February 2026.

Emergency patches are available for a critical vulnerability in cPanel and WHM that allows attackers to bypass authentication ...

Attackers can exploit a “ critical ” security vulnerability in the cPanel and WebHost Manager (WHM) web server administration ...

A critical authentication bypass in cPanel and WHM let attackers walk through the front door of any internet-facing control ...