Actively exploited cPanel bug exposes millions of websites to takeover

Actively exploited cPanel bug exposes millions of websites to takeover

Don’t have an account? Sign up > Try our antivirus with a free, full-featured 14-day trial Protect your team’s devices and data – no IT skills needed Explore award-winning endpoint security for your business Security researchers are warning about a newly discovered vulnerability in the widely used web server management software cPanel and WebHost Manager (WHM). This is a critical, actively exploited authentication-bypass bug in cPanel/WHM that lets attackers gain administrative access to the interface without credentials, potentially take over servers and all hosted sites. The vulnerability, tracked as CVE-2026-41940, has been added to the Known Exploited Vulnerabilities catalog by the Cybersecurity and Infrastructure Security Agency (CISA), meaning there is evidence it is being used in real-world attacks. Because cPanel/WHM is used by over a million sites worldwide, including banks and

Source: https://www.malwarebytes.com/blog/news/2026/05/actively-exploited-cpanel-bug-exposes-millions-of-websites-to-takeover