What is CVE-2026-41940? CVE-2026-41940 is a critical authentication bypass vulnerability affecting cPanel & WHM, including DNSOnly, in versions after 11.40. The flaw, discovered by WatchTowr Labs, exists in the login flow and allows unauthenticated remote attackers to gain unauthorized access to the control panel. The vulnerability carries a CVSS 3.1 score of 9.8 and is…
First seen on securityboulevard.com
Jump to article: securityboulevard.com/2026/04/imperva-customers-protected-against-cve-2026-41940-in-cpanel-whm/
