CVE-2026-41940: cPanel auth bypass, 44,000 IPs
CVE-2026-41940 is a critical cPanel/WHM auth bypass via CRLF injection. CVSS 9.8. Shadowserver counted 44,000 compromised IPs by April 30. Patch now.
Whm
1 article tagged #whm
1 article tagged #whm
CVE-2026-41940 is a critical cPanel/WHM auth bypass via CRLF injection. CVSS 9.8. Shadowserver counted 44,000 compromised IPs by April 30. Patch now.