Tag

CPanel

5 briefs RSS

Critical Authentication Bypass Vulnerability in cPanel & WHM (CVE-2026-41940)

CVE-2026-41940 is a critical authentication bypass vulnerability in cPanel & WHM, allowing unauthenticated remote attackers to gain administrative access by manipulating session data.

exploited cPanel & WHM authentication bypass cPanel web hosting vulnerability

2r 1t 1c 4d ago

critical advisory

cPanel and WHM Authentication Bypass Vulnerability (CVE-2026-41940)

2 rules 1 TTP 1 CVE

An authentication bypass vulnerability in cPanel and WHM versions prior to 11.110.0.97, 11.118.0.63, 11.126.0.54, 11.132.0.29, 11.134.0.20, and 11.136.0.5 allows unauthenticated remote attackers to gain unauthorized access to the control panel.

WHM +1 cpanel authentication-bypass CVE-2026-41940 webserver

2r 1t 1c 5d ago

high advisory

cPanel/WHM Local Privilege Escalation Vulnerability

2 rules 1 TTP

A local attacker can exploit a vulnerability in cPanel/WHM to escalate their privileges.

privilege-escalation cpanel whm

2r 1t Apr 1, 2026

high advisory

Multiple Vulnerabilities in cPanel/WHM

2 rules 2 TTPs

An anonymous remote attacker can exploit multiple vulnerabilities in cPanel/WHM to bypass security measures, perform XSS and SSRF attacks, disclose information, and potentially execute code.

cPanel WHM XSS SSRF vulnerability

2r 2t Mar 24, 2026

critical advisory

WebPros cPanel & WHM and WP2 Authentication Bypass Vulnerability (CVE-2026-41940)

2 rules 1 TTP 1 CVE

CVE-2026-41940 is an authentication bypass vulnerability in WebPros cPanel & WHM and WP2 (WordPress Squared) that allows unauthenticated remote attackers to gain unauthorized access to the control panel.

cPanel & WHM +1 cpanel whm wp2 wordpress authentication-bypass cve-2026-41940 initial-access

2r 1t 1c Jan 3, 2024