CVE-2026-41940
CriticalSummary
cPanel and WHM versions after 11.40 contain an authentication bypass vulnerability in the login flow that allows unauthenticated remote attackers to gain unauthorized access to the control panel.
Risk Assessment
This vulnerability could lead to unauthorized access to sensitive data and management functions, posing a serious security threat to the organization.
Recommendation
It is recommended to update to the latest version of cPanel and WHM to mitigate this vulnerability and implement additional security measures such as access log monitoring.
Original NVD description (English source)
cPanel and WHM versions after 11.40 contain an authentication bypass vulnerability in the login flow that allows unauthenticated remote attackers to gain unauthorized access to the control panel.

