Critical cPanel and WHM bug exploited as a zero-day, PoC now available

Critical cPanel and WHM bug exploited as a zero-day, PoC now available

The critical CVE-2026-41940 authentication bypass vulnerability in cPanel, WHM, and WP Squared is being actively exploited in the wild and has been leveraged in attempts since late February. [...]

Source: https://www.bleepingcomputer.com/news/security/critical-cpanel-and-whm-bug-exploited-as-a-zero-day-poc-now-available/