CVE-2026-41940

KEV

🔴 Łataj teraz

Obejście uwierzytelnienia w cPanel i WHM umożliwia zdalnym atakującym dostęp do panelu.

CVSS

9.8

EPSS

26.6%

Exploit

weaponized

Vendor

cpanel

Opis źródłowy (NVD)

cPanel and WHM versions after 11.40 contain an authentication bypass vulnerability in the login flow that allows unauthenticated remote attackers to gain unauthorized access to the control panel.

auth-bypass exploit Brak patcha

Źródła i daty

Źródło	Wartość
NVD – CVSS	9.8
CISA KEV (aktywnie wykorzystywane)	Tak
FIRST EPSS (prawdopodobieństwo exploita)	26.6%
Opublikowano (NVD)	2026-04-29 16:16:25 UTC
Ostatnia modyfikacja (NVD)	2026-05-04 18:09:42 UTC

Referencje

https://docs.cpanel.net/release-notes/release-notes (disclosure@vulncheck.com) [Release Notes]
https://docs.wpsquared.com/changelogs/versions/changelog/#13617 (disclosure@vulncheck.com) [Release Notes]
https://support.cpanel.net/hc/en-us/articles/40073787579671-cPanel-WHM-Security-Update-04-28-2026 (disclosure@vulncheck.com) [Vendor Advisory]
https://www.namecheap.com/status-updates/ongoing-critical-security-vulnerability-in-cpanel-april-28-2026 (disclosure@vulncheck.com) [Third Party Advisory]
https://www.vulncheck.com/advisories/cpanel-and-whm-authentication-bypass-via-login-flow (disclosure@vulncheck.com) [Third Party Advisory]
https://labs.watchtowr.com/the-internet-is-falling-down-falling-down-falling-down-cpanel-whm-authentication-bypass-cve-2026-41940/ (af854a3a-2127-422b-91ae-364da2661108) [Exploit, Third Party Advisory]
https://www.bleepingcomputer.com/news/security/critrical-cpanel-flaw-mass-exploited-in-sorry-ransomware-attacks/ (af854a3a-2127-422b-91ae-364da2661108) [Press/Media Coverage]
https://github.com/watchtowrlabs/watchTowr-vs-cPanel-WHM-AuthBypass-to-RCE.py (134c704f-9b21-4f2e-91b3-4a467353bcc0) [Exploit, Third Party Advisory]
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-41940 (134c704f-9b21-4f2e-91b3-4a467353bcc0) [US Government Resource]