CVE-2026-41940 rating 9.8 - cPanel and WHM versions after 11.40 authentication bypass vulnerability

📰

CVE-2026-41940 rating 9.8 - cPanel and WHM versions after 11.40 authentication bypass vulnerability

Reddit r/sysadmin·u/DominusDraco·about 1 month ago

#cpanel #versions #authentication #bypass #vulnerability #article

Reading 0:00

15s threshold

cPanel and WHM versions after 11.40 contain an authentication bypass vulnerability in the login flow that allows unauthenticated remote attackers to gain unauthorized access to the control panel.

Time to get patching.

https://nvd.nist.gov/vuln/detail/CVE-2026-41940

https://support.cpanel.net/hc/en-us/articles/40073787579671-Security-CVE-2026-41940-cPanel-WHM-WP2-Security-Update-04-28-2026

Menu

CVE-2026-41940 rating 9.8 - cPanel and WHM versions after 11.40 authentication bypass vulnerability