CISA warns critical cPanel and WHM flaw is now exploited in attacks

CISA has added CVE-2026-41940 to its Known Exploited Vulnerabilities catalog, warning that attackers are actively exploiting a critical cPanel and WHM authentication bypass flaw. The bug affects WebPros cPanel & WHM and WP Squared. It can let a remote attacker bypass login checks and gain unauthorized access to administrative control panels without valid credentials. This […] The post CISA warns critical cPanel and WHM flaw is now exploited in attacks appeared first on VPN Central.