Web hosts are scrambling to fix the bug under active attack by hackers. One company said hackers have been abusing the bug ...

A critical-severity authentication bypass vulnerability in cPanel & WHM has been exploited as a zero-day since February 2026.

Emergency patches are available for a critical vulnerability in cPanel and WHM that allows attackers to bypass authentication ...

A critical security vulnerability affecting widely used web hosting software cPanel has prompted urgent calls for ...

The critical CVE-2026-41940 authentication bypass vulnerability in cPanel, WHM, and WP Squared is being actively exploited in ...

A critical vulnerability affecting all but the latest versions of cPanel and the WebHost Manager (WHM) dashboard could be ...

Panel patches authentication flaw across supported versions, prompting Namecheap port blocks and temporary access limits.

Tens of thousands of online dashboards controlling servers and web hosting accounts appear to have been compromised by ...

A vulnerability in the cPanel/WHM admin interface lets attackers access websites without a username and password.

The vulnerability has been given a severity score of 9,8, and administrators should patch immediately.

A critical authentication bypass vulnerability in cPanel & WHM, tracked as CVE-2026-41940, has been actively exploited as a zero-day since at least February 2026. The flaw allows unauthenticated ...

CVE-2026-41940 is a critical authentication bypass vulnerability affecting cPanel & WHM, including DNSOnly, in versions after ...