Vulnerability on goodinfo.net Daily https://goodinfo.net/en/tags/vulnerability/ goodinfo.net daily curated global news: AI, tech, finance, and world affairs. Hugo -- gohugo.io en goodinfo.net Fri, 01 May 2026 04:00:00 +0800 Critical cPanel Authentication Bypass (CVE-2026-41940) Actively Exploited — Millions of Websites at Risk https://goodinfo.net/en/posts/ai-tech/cpanel-cve-2026-41940-authentication-bypass-vulnerability-may-2026/ Fri, 01 May 2026 04:00:00 +0800 goodinfo.net https://goodinfo.net/en/posts/ai-tech/cpanel-cve-2026-41940-authentication-bypass-vulnerability-may-2026/ A critical authentication bypass vulnerability (CVE-2026-41940) has been discovered in cPanel and WHM, with hackers actively exploiting it to take over servers, putting millions of websites worldwide at risk. Critical cPanel Authentication Bypass (CVE-2026-41940) Actively Exploited — Millions of Websites at Risk

A severe security vulnerability (CVE-2026-41940) has been discovered in cPanel and its companion tool WHM, the world’s most widely used web hosting control panel. The flaw allows attackers to bypass authentication mechanisms and gain direct server control. Security researchers warn that hackers are already actively exploiting the vulnerability, with millions of websites worldwide potentially at risk.

Vulnerability Details

CVE-2026-41940 is an authentication bypass flaw located in cPanel/WHM’s authentication module. By crafting specially formatted HTTP requests, attackers can circumvent normal login procedures and access the cPanel control panel with administrator privileges. This enables them to upload malicious files, deface websites, steal user data, and potentially take complete control of the entire hosting server.

The vulnerability carries a CVSS score of 9.8 out of 10, classified as “Critical.” Given that cPanel is used by millions of shared hosting servers globally, the potential impact is extraordinarily broad.

Active Exploitation

Security firms have observed that within hours of the vulnerability details being disclosed, a massive wave of automated scanning and exploitation attempts appeared across the internet. Attackers are using the flaw to rapidly deploy webshells, cryptocurrency mining scripts, and ransomware. Several hosting providers have already reported customer server compromises.

Remediation

cPanel has released a security patch addressing the vulnerability. All cPanel/WHM server administrators are strongly urged to take the following actions immediately:

  1. Update Immediately: Upgrade cPanel/WHM to the latest patched version
  2. Audit Logs: Review access logs for any suspicious login attempts
  3. Reset Credentials: Change all cPanel account passwords and administrator credentials
  4. Enable 2FA: Activate two-factor authentication for all administrative accounts

Industry Impact

This incident highlights the security fragility of shared hosting infrastructure once again. Security experts note that as one of the most widely deployed hosting control panels globally, a cPanel vulnerability extends far beyond a single product — it potentially impacts a significant portion of the internet’s hosting infrastructure.

Source: The Hacker News | BleepingComputer | cPanel Blog

]]> ai-tech securitycPanelvulnerabilitycybersecurityCVE