cPanel zero-day exploited for months before patch release (CVE-2026-41940) (opens in new tab)

A critical authentication bypass vulnerability (CVE-2026-41940) in cPanel, a popular web-based control panel for managing web hosting accounts, is being exploited by attackers in the wild. What’s more, attackers didn’t have to wait for watchTowr security researchers to release technical details about the vulnerability – they have been spotted exploiting CVE-2026-41940 since February 23, and have likely been abusing it even earlier. About CVE-2026-41940 CPanel, typically provided by shared hos...