
cPanel Critical Vulnerability - 20260430002

Overview

An authentication bypass vulnerability exists in cPanel & WHM that allows attackers to potentially bypass authentication controls via crafted session manipulation.

What is vulnerable?

| Product(s) Affected | Version(s) | CVE | CVSS | Severity |
| --- | --- | --- | --- | --- |
| cPanel WHM | all versions after 11.40 | CVE-2026-41940 | 9.8 | Critical |

What has been observed?

The WASOC has not received any reports of this vulnerability being exploited on Western Australian Government networks at the time of writing. However, active exploitation attempts targeting this authentication bypass vulnerability in cPanel & WHM have been reported.

Recommendation

The WASOC recommends administrators apply the solutions as per vendor instructions to all affected devices within expected timeframes (refer Patch Management):

Additional References