A critical authentication bypass vulnerability (CVE-2026-41940, CVSS 9.8) in cPanel has been actively exploited in the wild since at least February 23, 2024. The article confirms the in-the-wild exploitation but does not provide specific affected version ranges, a fixed version number, or a workaround.
A critical authentication bypass vulnerability (CVE-2026-41940) in cPanel, a popular web-based control panel for managing web hosting accounts, is being exploited by attackers in the wild. What’s more, attackers didn’t have to wait for watchTowr security researchers to release technical details about the vulnerability – they have been spotted exploiting CVE-2026-41940 since February 23, and have likely been abusing it even earlier. About CVE-2026-41940 CPanel, typically provided by shared hosting companies, is one of the … More → The post cPanel zero-day exploited for months before patch release (CVE-2026-41940) appeared first on Help Net Security .