New cPanel patch addresses CRLF injection flaw that could grant root server access

The vulnerability has been given a severity score of 9,8, and administrators should patch immediately.
Security Boulevard

Imperva Customers Protected Against CVE-2026-41940 in cPanel & WHM

CVE-2026-41940 is a critical authentication bypass vulnerability affecting cPanel & WHM, including DNSOnly, in versions after 11.40. The flaw, discovered by WatchTowr Labs, exists in the login flow ...
Cybernews

Critical cPanel bug exposes millions of websites to full server takeover

A critical vulnerability in cPanel and WHM, tracked as CVE-2026-41940, allows attackers to bypass authentication and gain ...
AndroGuider

Hackers Exploit cPanel Vulnerability: Thousands of Websites at Risk

AndroGuider is a blog where you can scoop your daily need of tech information with some dose of special reviews and custom ...
DMR News

Critical CPanel And WHM Vulnerability Allows Server Takeover As Researchers Urge Immediate Patching

Security researchers have identified a critical flaw in cPanel and WebHost Manager that could allow attackers to bypass ...
heise online

cPanel/WHM: Unauthorized access to web server configuration tool possible

Attackers can exploit a “critical” security vulnerability in the cPanel and WebHost Manager (WHM) web server administration software to gain unauthorized access. So far, there are no reports of ...
TechBooky

Hackers Are Exploiting Critical cPanel Bug, Putting Millions of Websites at Risk

Web hosting providers are racing to secure their infrastructure after security researchers disclosed a serious vulnerability ...
Arabian Post

cPanel flaw exposes hosting defences

A publicly released exploit for a critical cPanel and WebHost Manager flaw has intensified pressure on hosting companies and ...