Critical cPanel & WHM Bug CVE-2026-41940 Is Being Exploited
cPanel disclosed CVE-2026-41940 on April 28, 2026. Two days later, CISA added it to the Known Exploited Vulnerabilities catalog, and on May 1, 2026 Australia’s ACSC said it was aware of active exploitation in the wild.[1][4][5][6] For hosting...