BeyondMachines for BeyondMachines

Originally published at beyondmachines.net

Critical Authentication Bypass in cPanel and WHM Actively Exploited

Summary

A critical authentication bypass vulnerability (CVE-2026-41940, CVSS 9.8) in cPanel and WHM is being actively exploited to grant attackers full root access to web servers.

Take Action:

If you use cPanel or WHM on your servers, this is urgent: you are being hacked. Immediately run /scripts/upcp --force to apply the emergency patch, then verify the version with /usr/local/cpanel/cpanel -V. Until you've confirmed the update, block external access to ports 2083 and 2087. If you use cPanel as a customer, reach out to your hosting provider to confirm that they have updated cPanel.
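The steps above as a small POSIX shell helper (an added example, not from the original article or from cPanel): block_rules prints iptables rules that limit ports 2083 and 2087 to one management network, and version_ge compares the output of /usr/local/cpanel/cpanel -V with the fixed build named in the vendor advisory. The function names, the management CIDR, the MIN_FIXED variable and the sample version format are assumptions; the article does not state the fixed version.

```shell
#!/bin/sh
# Added example: interim mitigation helpers for the "Take Action" steps.
# Function names and the management CIDR are hypothetical placeholders.

PORTS="2083 2087"   # the ports the article says to block externally

# Print (do not apply) iptables commands that drop traffic to the ports
# while keeping access from one management network. Because -I inserts at
# the top of the chain, the ACCEPT printed second ends up above its DROP.
# IPv6 needs the same rules via ip6tables.
block_rules() {
    mgmt_cidr="$1"
    for port in $PORTS; do
        echo "iptables -I INPUT -p tcp --dport $port -j DROP"
        echo "iptables -I INPUT -p tcp --dport $port -s $mgmt_cidr -j ACCEPT"
    done
}

# version_ge INSTALLED MINIMUM -> status 0 if INSTALLED >= MINIMUM.
# Both strings are reduced to their numeric fields, so a string such as
# "110.0 (build 15)" (constructed sample) is compared as 110 0 15.
# An empty or unparsable INSTALLED compares as all zeros, so a failed
# version query is reported as "not patched" rather than passing.
version_ge() {
    have_fields=$(printf '%s' "$1" | tr -cs '0-9' ' ')
    want_fields=$(printf '%s' "$2" | tr -cs '0-9' ' ')
    set -- $have_fields
    for want in $want_fields; do
        have=${1:-0}
        [ "$have" -gt "$want" ] && return 0
        [ "$have" -lt "$want" ] && return 1
        [ $# -gt 0 ] && shift
    done
    return 0
}

# Usage on a server, as root. MIN_FIXED must be taken from the vendor
# advisory, in the same format that cpanel -V prints:
#   block_rules 203.0.113.0/24 | sh
#   /scripts/upcp --force
#   version_ge "$(/usr/local/cpanel/cpanel -V)" "$MIN_FIXED" && echo patched
```

Remove the firewall rules only after version_ge succeeds against the vendor's fixed build.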

