Critical cPanel Authentication Flaw Exposes Servers to Unauthorized Access

Security researchers have revealed a serious vulnerability affecting cPanel that could allow attackers to bypass authentication and gain access to server control panels.

The issue impacts multiple authentication paths and affects all supported versions of cPanel and WebHost Manager. Attackers can exploit this flaw to log in without valid credentials, potentially taking control of hosting environments.

The vulnerability, tracked as CVE-2026-41940, has been assigned a severity score of 9.8 out of 10, indicating a critical risk. It enables remote attackers to access systems without authentication, making it especially dangerous for internet-facing servers.

Hosting providers have already taken emergency measures to reduce risk. Some temporarily blocked access to key ports used by cPanel and WHM interfaces, limiting user access until security patches could be fully deployed.

Researchers warn that the flaw has likely been exploited in real-world attacks even before public disclosure. This suggests that systems running outdated or unpatched versions may already be compromised.

If exploited, attackers could gain full administrative control over servers. This would allow them to access customer data, modify websites, install malicious software, and move deeper into connected systems.

To reduce risk, users are strongly advised to update their cPanel installations immediately to the latest patched versions. Additional temporary protections include blocking specific ports or stopping vulnerable services until updates are applied.

Experts emphasize that this incident highlights the importance of rapid patching and proactive monitoring, especially for widely used infrastructure tools, where a single flaw can impact a large number of websites and services.