cPanel/WHM authentication bypass — mass exploitation ongoing (KEV deadline 2026-05-21)
cve · CVE-2026-41940
First covered
2026-05-06
Last covered
2026-05-06
Appearances
1
All cited sources for this topic (4)
- labs.watchtowr.comprimarywatchTowr Labshttps://labs.watchtowr.com/the-internet-is-falling-down-falling-down-falling-down-cpanel-whm-authentication-bypass-cve-2026-41940/
- cyberscoop.comCyberScoop, 2026-05-05https://cyberscoop.com/cpanel-authentication-bypass-vulnerability-cve-2026-41940-exploited/
- helpnetsecurity.comHelp Net Security, 2026-05-04https://www.helpnetsecurity.com/2026/05/04/multiple-threat-actors-actively-exploit-cpanel-vulnerability-cve-2026-41940/
- rapid7.comRapid7 ETRhttps://www.rapid7.com/blog/post/etr-cve-2026-41940-cpanel-whm-authentication-bypass/
Story timeline
- 2026-05-06CTI Daily Brief — 2026-05-06