VulnerabilitiesMay 2, 2026
CVE-2026-41940: WebPros cPanel and WHM Authentication Bypass via Login Flow PoC https://t.co/ucR...
CVE-2026-41940 disclosed: WebPros cPanel/WHM authentication bypass via login flow PoC.
Summary
A critical authentication bypass vulnerability (CVE-2026-41940) has been disclosed in WebPros cPanel and WHM products, exploitable through the login flow mechanism. A proof-of-concept exploit has been made public, putting instances at immediate risk of unauthorized access.
Indicators of Compromise
- cve — CVE-2026-41940
Entities
WebPros (vendor)cPanel (product)WHM (Web Host Manager) (product)