CVE-2026-41940 (GCVE-0-2026-41940)
Vulnerability from cvelistv5 – Published: 2026-04-29 15:10 – Updated: 2026-05-06 15:48Title
WebPros cPanel and WHM Authentication Bypass via Login Flow
Summary
cPanel and WHM versions after 11.40 contain an authentication bypass vulnerability in the login flow that allows unauthenticated remote attackers to gain unauthorized access to the control panel.
Severity
9.8 (Critical)
SSVC
Exploitation: active
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-306 - Missing Authentication for Critical Function
Assigner
References
9 references
| URL | Tags |
|---|---|
| https://support.cpanel.net/hc/en-us/articles/4007… | vendor-advisorypatch |
| https://docs.cpanel.net/release-notes/release-notes | release-notes |
| https://docs.wpsquared.com/changelogs/versions/ch… | release-notes |
| https://www.namecheap.com/status-updates/ongoing-… | third-party-advisory |
| https://www.vulncheck.com/advisories/cpanel-and-w… | third-party-advisory |
| https://github.com/watchtowrlabs/watchTowr-vs-cPa… | exploit |
| https://www.cisa.gov/known-exploited-vulnerabilit… | government-resource |
| https://www.bleepingcomputer.com/news/security/cr… | |
| https://labs.watchtowr.com/the-internet-is-fallin… |
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| WebPros | cPanel |
Affected:
11.40.0.0 , < 11.86.0.41
(custom)
Affected: 11.88.0.0 , < 11.94.0.28 (custom) Affected: 11.96.0.0 , < 11.102.0.39 (custom) Affected: 11.104.0.0 , < 11.110.0.97 (custom) Affected: 11.112.0.0 , < 11.118.0.63 (custom) Affected: 11.120.0.0 , < 11.124.0.35 (custom) Affected: 11.126.0.0 , < 11.126.0.54 (custom) Affected: 11.128.0.0 , < 11.130.0.19 (custom) Affected: 11.132.0.0 , < 11.132.0.29 (custom) Affected: 11.134.0.0 , < 11.134.0.20 (custom) Affected: 11.136.0.0 , < 11.136.0.5 (custom) |
|
| WebPros | WP Squared |
Unaffected:
11.136.1.7
(custom)
|
|
| WebPros | WHM |
Affected:
11.40.0.0 , < 11.86.0.41
(custom)
Affected: 11.88.0.0 , < 11.94.0.28 (custom) Affected: 11.96.0.0 , < 11.102.0.39 (custom) Affected: 11.104.0.0 , < 11.110.0.97 (custom) Affected: 11.112.0.0 , < 11.118.0.63 (custom) Affected: 11.120.0.0 , < 11.124.0.35 (custom) Affected: 11.126.0.0 , < 11.126.0.54 (custom) Affected: 11.128.0.0 , < 11.130.0.19 (custom) Affected: 11.132.0.0 , < 11.132.0.29 (custom) Affected: 11.134.0.0 , < 11.134.0.20 (custom) Affected: 11.136.0.0 , < 11.136.0.5 (custom) |
Date Public
2026-04-28 00:00
CISA
Known Exploited Vulnerability - GCVE BCP-07 Compliant
KEV entry ID: 1b96b1d8-cbda-4ec5-8e2d-dc802510aea3
Exploited: Yes
Timestamps
First Seen: 2026-04-30
Asserted: 2026-04-30
Scope
Notes: KEV entry: WebPros cPanel & WHM and WP2 (WordPress Squared) Missing Authentication for Critical Function Vulnerability | Affected: WebPros / cPanel & WHM and WP2 (WordPress Squared) | Description: WebPros cPanel & WHM (WebHost Manager) and WP2 (WordPress Squared) contain an authentication bypass vulnerability in the login flow that allows unauthenticated remote attackers to gain unauthorized access to the control panel. | Required action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. | Due date: 2026-05-03 | Known ransomware campaign use (KEV): Unknown | Notes (KEV): https://support.cpanel.net/hc/en-us/articles/40073787579671-cPanel-WHM-Security-Update-04-28-2026 ; https://docs.cpanel.net/release-notes/release-notes/ ; https://docs.wpsquared.com/changelogs/versions/changelog/#13617 ; https://nvd.nist.gov/vuln/detail/CVE-2026-41940"
Evidence
Type: Vendor Report
Signal: Successful Exploitation
Confidence: 80%
Source: cisa-kev
Details
| Cwes | CWE-306 |
|---|---|
| Feed | CISA Known Exploited Vulnerabilities Catalog |
| Product | cPanel & WHM and WP2 (WordPress Squared) |
| Due Date | 2026-05-03 |
| Date Added | 2026-04-30 |
| Vendorproject | WebPros |
| Vulnerabilityname | WebPros cPanel & WHM and WP2 (WordPress Squared) Missing Authentication for Critical Function Vulnerability |
| Knownransomwarecampaignuse | Unknown |
References
Created: 2026-04-30 17:00 UTC
| Updated: 2026-04-30 17:00 UTC
ENISA
Known Exploited Vulnerability - GCVE BCP-07 Compliant
KEV entry ID: 4a77ab60-22dd-424e-9c24-a063b1a9e64b
Exploited: Yes
Timestamps
First Seen: 2026-05-08
Asserted: 2026-05-08
Scope
Notes: Affected: WebPros / cPanel | Description: cPanel and WHM versions after 11.40 contain an authentication bypass vulnerability in the login flow that allows unauthenticated remote attackers to gain unauthorized access to the control panel. | Exploitation type: ransomware | CWEs: CWE-306 | Origin source: CERT-PL | Notes: https://support.cpanel.net/hc/en-us/articles/40073787579671-Security-CVE-2026-41940-cPanel-WHM-WP2-Security-Update-04-28-2026
Evidence
Type: Csirt Report
Signal: Confirmed Compromise
Confidence: 75%
Source: enisa-cnw-kev
Details
| Cwes | CWE-306 |
|---|---|
| Euvd | EUVD-2026-26246 |
| Notes | https://support.cpanel.net/hc/en-us/articles/40073787579671-Security-CVE-2026-41940-cPanel-WHM-WP2-Security-Update-04-28-2026 |
| Catalog | ENISA / EU CSIRTs Network (CNW) KEV JSON |
| Product | cPanel |
| Datereported | 2026/05/08 |
| Originsource | CERT-PL |
| Vendorproject | WebPros |
| Exploitationtype | ransomware |
| Vulnerabilityname | |
| Threatactorsexploiting | - |
References
Created: 2026-05-21 09:00 UTC
| Updated: 2026-05-21 09:00 UTC
KEVIntel
Known Exploited Vulnerability - GCVE BCP-07 Compliant
KEV entry ID: 8f356133-327f-472c-adf6-63605f152c6d
Exploited: Yes
Timestamps
First Seen: 2026-06-01
Asserted: 2026-06-01
Scope
Notes: KEVIntel entry: WebPros cPanel and WHM Authentication Bypass via Login Flow | Affected: WebPros / cPanel, WP Squared, WHM | CVSS: 9.3 (CRITICAL) | EPSS: 0.90543 | Used in malware: yes | Not yet in CISA KEV: False
Evidence
Type: Public Report
Signal: Confirmed Compromise
Confidence: 70%
Source: kevintel
Details
| Feed | KEVIntel (kevintel.com) |
|---|---|
| Title | WebPros cPanel and WHM Authentication Bypass via Login Flow |
| Vendor | WebPros |
| Product | cPanel, WP Squared, WHM |
| Added Date | 2026-06-01T00:00:00.000Z |
| Cvss Score | 9.3 |
| Epss Score | 0.90543 |
| Cvss Severity | CRITICAL |
| Epss Percentile | 0.99789 |
| Used In Malware | yes |
| Ahead Of Cisa Kev |
|
| Not Yet In Cisa Kev | False |
References
Created: 2026-06-19 12:42 UTC
| Updated: 2026-06-19 12:42 UTC
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-41940",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-29T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2026-04-30",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-41940"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-01T03:55:47.986Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/watchtowrlabs/watchTowr-vs-cPanel-WHM-AuthBypass-to-RCE.py"
},
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-41940"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-04-30T00:00:00.000Z",
"value": "CVE-2026-41940 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2026-05-04T16:13:16.841Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.bleepingcomputer.com/news/security/critrical-cpanel-flaw-mass-exploited-in-sorry-ransomware-attacks/"
},
{
"url": "https://labs.watchtowr.com/the-internet-is-falling-down-falling-down-falling-down-cpanel-whm-authentication-bypass-cve-2026-41940/"
}
],
"title": "CVE Program Container",
"x_generator": {
"engine": "ADPogram 0.0.1"
}
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "cPanel",
"vendor": "WebPros",
"versions": [
{
"lessThan": "11.86.0.41",
"status": "affected",
"version": "11.40.0.0",
"versionType": "custom"
},
{
"lessThan": "11.94.0.28",
"status": "affected",
"version": "11.88.0.0",
"versionType": "custom"
},
{
"lessThan": "11.102.0.39",
"status": "affected",
"version": "11.96.0.0",
"versionType": "custom"
},
{
"lessThan": "11.110.0.97",
"status": "affected",
"version": "11.104.0.0",
"versionType": "custom"
},
{
"lessThan": "11.118.0.63",
"status": "affected",
"version": "11.112.0.0",
"versionType": "custom"
},
{
"lessThan": "11.124.0.35",
"status": "affected",
"version": "11.120.0.0",
"versionType": "custom"
},
{
"lessThan": "11.126.0.54",
"status": "affected",
"version": "11.126.0.0",
"versionType": "custom"
},
{
"lessThan": "11.130.0.19",
"status": "affected",
"version": "11.128.0.0",
"versionType": "custom"
},
{
"lessThan": "11.132.0.29",
"status": "affected",
"version": "11.132.0.0",
"versionType": "custom"
},
{
"lessThan": "11.134.0.20",
"status": "affected",
"version": "11.134.0.0",
"versionType": "custom"
},
{
"lessThan": "11.136.0.5",
"status": "affected",
"version": "11.136.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "WP Squared",
"vendor": "WebPros",
"versions": [
{
"status": "unaffected",
"version": "11.136.1.7",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "WHM",
"vendor": "WebPros",
"versions": [
{
"lessThan": "11.86.0.41",
"status": "affected",
"version": "11.40.0.0",
"versionType": "custom"
},
{
"lessThan": "11.94.0.28",
"status": "affected",
"version": "11.88.0.0",
"versionType": "custom"
},
{
"lessThan": "11.102.0.39",
"status": "affected",
"version": "11.96.0.0",
"versionType": "custom"
},
{
"lessThan": "11.110.0.97",
"status": "affected",
"version": "11.104.0.0",
"versionType": "custom"
},
{
"lessThan": "11.118.0.63",
"status": "affected",
"version": "11.112.0.0",
"versionType": "custom"
},
{
"lessThan": "11.124.0.35",
"status": "affected",
"version": "11.120.0.0",
"versionType": "custom"
},
{
"lessThan": "11.126.0.54",
"status": "affected",
"version": "11.126.0.0",
"versionType": "custom"
},
{
"lessThan": "11.130.0.19",
"status": "affected",
"version": "11.128.0.0",
"versionType": "custom"
},
{
"lessThan": "11.132.0.29",
"status": "affected",
"version": "11.132.0.0",
"versionType": "custom"
},
{
"lessThan": "11.134.0.20",
"status": "affected",
"version": "11.134.0.0",
"versionType": "custom"
},
{
"lessThan": "11.136.0.5",
"status": "affected",
"version": "11.136.0.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cpanel:cpanel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "11.86.0.41",
"versionStartIncluding": "11.40.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cpanel:cpanel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "11.94.0.28",
"versionStartIncluding": "11.88.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cpanel:cpanel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "11.102.0.39",
"versionStartIncluding": "11.96.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cpanel:cpanel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "11.110.0.97",
"versionStartIncluding": "11.104.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cpanel:cpanel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "11.118.0.63",
"versionStartIncluding": "11.112.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cpanel:cpanel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "11.124.0.35",
"versionStartIncluding": "11.120.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cpanel:cpanel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "11.126.0.54",
"versionStartIncluding": "11.126.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cpanel:cpanel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "11.130.0.19",
"versionStartIncluding": "11.128.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cpanel:cpanel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "11.132.0.29",
"versionStartIncluding": "11.132.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cpanel:cpanel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "11.134.0.20",
"versionStartIncluding": "11.134.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cpanel:cpanel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "11.136.0.5",
"versionStartIncluding": "11.136.0.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cpanel:whm:*:*:*:*:*:*:*:*",
"versionEndExcluding": "11.86.0.41",
"versionStartIncluding": "11.40.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cpanel:whm:*:*:*:*:*:*:*:*",
"versionEndExcluding": "11.94.0.28",
"versionStartIncluding": "11.88.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cpanel:whm:*:*:*:*:*:*:*:*",
"versionEndExcluding": "11.102.0.39",
"versionStartIncluding": "11.96.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cpanel:whm:*:*:*:*:*:*:*:*",
"versionEndExcluding": "11.110.0.97",
"versionStartIncluding": "11.104.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cpanel:whm:*:*:*:*:*:*:*:*",
"versionEndExcluding": "11.118.0.63",
"versionStartIncluding": "11.112.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cpanel:whm:*:*:*:*:*:*:*:*",
"versionEndExcluding": "11.124.0.35",
"versionStartIncluding": "11.120.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cpanel:whm:*:*:*:*:*:*:*:*",
"versionEndExcluding": "11.126.0.54",
"versionStartIncluding": "11.126.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cpanel:whm:*:*:*:*:*:*:*:*",
"versionEndExcluding": "11.130.0.19",
"versionStartIncluding": "11.128.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cpanel:whm:*:*:*:*:*:*:*:*",
"versionEndExcluding": "11.132.0.29",
"versionStartIncluding": "11.132.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cpanel:whm:*:*:*:*:*:*:*:*",
"versionEndExcluding": "11.130.0.18",
"versionStartIncluding": "11.134.0.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cpanel:wp_squared:*:*:*:*:*:*:*:*",
"versionEndExcluding": "136.1.7",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"datePublic": "2026-04-28T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "cPanel and WHM versions after 11.40 contain an authentication bypass vulnerability in the login flow that allows unauthenticated remote attackers to gain unauthorized access to the control panel."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-06T15:48:18.270Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://support.cpanel.net/hc/en-us/articles/40073787579671-cPanel-WHM-Security-Update-04-28-2026"
},
{
"tags": [
"release-notes"
],
"url": "https://docs.cpanel.net/release-notes/release-notes"
},
{
"tags": [
"release-notes"
],
"url": "https://docs.wpsquared.com/changelogs/versions/changelog/#13617"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.namecheap.com/status-updates/ongoing-critical-security-vulnerability-in-cpanel-april-28-2026"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/cpanel-and-whm-authentication-bypass-via-login-flow"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WebPros cPanel and WHM Authentication Bypass via Login Flow",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2026-41940",
"datePublished": "2026-04-29T15:10:37.899Z",
"dateReserved": "2026-04-22T18:50:43.621Z",
"dateUpdated": "2026-05-06T15:48:18.270Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"cisa_known_exploited": {
"cveID": "CVE-2026-41940",
"cwes": "[\"CWE-306\"]",
"dateAdded": "2026-04-30",
"dueDate": "2026-05-03",
"knownRansomwareCampaignUse": "Known",
"notes": "https://support.cpanel.net/hc/en-us/articles/40073787579671-cPanel-WHM-Security-Update-04-28-2026 ; https://docs.cpanel.net/release-notes/release-notes/ ; https://docs.wpsquared.com/changelogs/versions/changelog/#13617 ; https://nvd.nist.gov/vuln/detail/CVE-2026-41940\"",
"product": "cPanel \u0026 WHM and WP2 (WordPress Squared)",
"requiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"shortDescription": "WebPros cPanel \u0026 WHM (WebHost Manager) and WP2 (WordPress Squared) contain an authentication bypass vulnerability in the login flow that allows unauthenticated remote attackers to gain unauthorized access to the control panel.",
"vendorProject": "WebPros",
"vulnerabilityName": "WebPros cPanel \u0026 WHM and WP2 (WordPress Squared) Missing Authentication for Critical Function Vulnerability"
},
"epss": {
"cve": "CVE-2026-41940",
"date": "2026-06-24",
"epss": "0.981",
"percentile": "0.99904"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2026-41940\",\"sourceIdentifier\":\"disclosure@vulncheck.com\",\"published\":\"2026-04-29T16:16:25.037\",\"lastModified\":\"2026-05-04T18:09:42.300\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"cPanel and WHM versions after 11.40 contain an authentication bypass vulnerability in the login flow that allows unauthenticated remote attackers to gain unauthorized access to the control panel.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"disclosure@vulncheck.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":9.3,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"HIGH\",\"vulnIntegrityImpact\":\"HIGH\",\"vulnAvailabilityImpact\":\"HIGH\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"cvssMetricV31\":[{\"source\":\"disclosure@vulncheck.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}]},\"cisaExploitAdd\":\"2026-04-30\",\"cisaActionDue\":\"2026-05-03\",\"cisaRequiredAction\":\"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.\",\"cisaVulnerabilityName\":\"WebPros cPanel \u0026 WHM and WP2 (WordPress Squared) Missing Authentication for Critical Function Vulnerability\",\"weaknesses\":[{\"source\":\"disclosure@vulncheck.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-306\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cpanel:cpanel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.40\",\"versionEndExcluding\":\"86.0.41\",\"matchCriteriaId\":\"D018D47F-B020-41B1-8755-9197EB8673D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cpanel:cpanel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"88.0.0\",\"versionEndExcluding\":\"110.0.97\",\"matchCriteriaId\":\"9BF3DBAC-D629-44A9-B102-2D8F82709CA2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cpanel:cpanel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"112.0.0\",\"versionEndExcluding\":\"118.0.63\",\"matchCriteriaId\":\"3EEFF12C-11E8-4A5C-9C72-BA1A422A9E72\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cpanel:cpanel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"120.0.0\",\"versionEndExcluding\":\"124.0.35\",\"matchCriteriaId\":\"5533AA73-5007-4820-A5C6-0460C486882D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cpanel:cpanel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"126.0.1\",\"versionEndExcluding\":\"126.0.54\",\"matchCriteriaId\":\"15C0513D-8C56-4C5F-B818-E2CE90223AD4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cpanel:cpanel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"128.0.0\",\"versionEndExcluding\":\"130.0.19\",\"matchCriteriaId\":\"B5FE32EC-AEFB-4B27-AE65-A95432CAA812\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cpanel:cpanel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"132.0.0\",\"versionEndExcluding\":\"132.0.29\",\"matchCriteriaId\":\"24982921-6C0D-478E-BBF1-7C9DC7023760\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cpanel:cpanel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"134.0.0\",\"versionEndExcluding\":\"134.0.20\",\"matchCriteriaId\":\"B0213A2B-4A5A-4098-87FF-517E33F96807\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cpanel:cpanel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"136.0.0\",\"versionEndExcluding\":\"136.0.5\",\"matchCriteriaId\":\"09F99F08-1FB9-4BC6-8C7D-52062BA28479\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cpanel:whm:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.40\",\"versionEndExcluding\":\"86.0.41\",\"matchCriteriaId\":\"63BE6DEF-A6EA-4545-9A3D-E1BA84A50EC7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cpanel:whm:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"88.0.0\",\"versionEndExcluding\":\"110.0.97\",\"matchCriteriaId\":\"74E9C069-EA63-4B95-9229-45AD97563532\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cpanel:whm:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"112.0.0\",\"versionEndExcluding\":\"118.0.63\",\"matchCriteriaId\":\"2FCD52CF-3F10-4FFA-8FC7-AA5F370AF9B8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cpanel:whm:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"120.0.0\",\"versionEndExcluding\":\"124.0.35\",\"matchCriteriaId\":\"2ED81103-D03E-4351-9C19-1B3F120268D6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cpanel:whm:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"126.0.1\",\"versionEndExcluding\":\"126.0.54\",\"matchCriteriaId\":\"6DC3D6F0-8D07-4719-977E-DB978AEB7A67\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cpanel:whm:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"128.0.0\",\"versionEndExcluding\":\"130.0.19\",\"matchCriteriaId\":\"C6C216F5-330D-4DAA-B042-1A4707FF658E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cpanel:whm:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"132.0.0\",\"versionEndExcluding\":\"132.0.29\",\"matchCriteriaId\":\"8793EED8-BDBD-4CC8-9698-FCEE769CFB5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cpanel:whm:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"134.0.0\",\"versionEndExcluding\":\"134.0.20\",\"matchCriteriaId\":\"53AC31A0-AD91-4897-89E7-1C05AF03BF5A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cpanel:whm:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"136.0.0\",\"versionEndExcluding\":\"136.0.5\",\"matchCriteriaId\":\"23D646D3-2BDC-44C8-8C5F-9E21B0613A48\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cpanel:wp_squared:*:*:*:*:*:wordpress:*:*\",\"versionEndExcluding\":\"136.1.7\",\"matchCriteriaId\":\"80392939-B45D-4C12-ADBB-334E783BDE67\"}]}]}],\"references\":[{\"url\":\"https://docs.cpanel.net/release-notes/release-notes\",\"source\":\"disclosure@vulncheck.com\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://docs.wpsquared.com/changelogs/versions/changelog/#13617\",\"source\":\"disclosure@vulncheck.com\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://support.cpanel.net/hc/en-us/articles/40073787579671-cPanel-WHM-Security-Update-04-28-2026\",\"source\":\"disclosure@vulncheck.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.namecheap.com/status-updates/ongoing-critical-security-vulnerability-in-cpanel-april-28-2026\",\"source\":\"disclosure@vulncheck.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.vulncheck.com/advisories/cpanel-and-whm-authentication-bypass-via-login-flow\",\"source\":\"disclosure@vulncheck.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://labs.watchtowr.com/the-internet-is-falling-down-falling-down-falling-down-cpanel-whm-authentication-bypass-cve-2026-41940/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://www.bleepingcomputer.com/news/security/critrical-cpanel-flaw-mass-exploited-in-sorry-ransomware-attacks/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Press/Media Coverage\"]},{\"url\":\"https://github.com/watchtowrlabs/watchTowr-vs-cPanel-WHM-AuthBypass-to-RCE.py\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-41940\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"US Government Resource\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.bleepingcomputer.com/news/security/critrical-cpanel-flaw-mass-exploited-in-sorry-ransomware-attacks/\"}, {\"url\": \"https://labs.watchtowr.com/the-internet-is-falling-down-falling-down-falling-down-cpanel-whm-authentication-bypass-cve-2026-41940/\"}], \"x_generator\": {\"engine\": \"ADPogram 0.0.1\"}, \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2026-05-04T16:13:16.841Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-41940\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-04-30T16:41:31.725741Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2026-04-30\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-41940\"}}}], \"references\": [{\"url\": \"https://github.com/watchtowrlabs/watchTowr-vs-cPanel-WHM-AuthBypass-to-RCE.py\", \"tags\": [\"exploit\"]}, {\"url\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-41940\", \"tags\": [\"government-resource\"]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-04-29T15:34:02.425Z\"}, \"timeline\": [{\"lang\": \"en\", \"time\": \"2026-04-30T00:00:00.000Z\", \"value\": \"CVE-2026-41940 added to CISA KEV\"}]}], \"cna\": {\"title\": \"WebPros cPanel and WHM Authentication Bypass via Login Flow\", \"source\": {\"discovery\": \"EXTERNAL\"}, \"metrics\": [{\"format\": \"CVSS\", \"cvssV4_0\": {\"Safety\": \"NOT_DEFINED\", \"version\": \"4.0\", \"Recovery\": \"NOT_DEFINED\", \"baseScore\": 9.3, \"Automatable\": \"NOT_DEFINED\", \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"valueDensity\": \"NOT_DEFINED\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N\", \"exploitMaturity\": \"NOT_DEFINED\", \"providerUrgency\": \"NOT_DEFINED\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"NONE\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"HIGH\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"HIGH\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"HIGH\", \"vulnerabilityResponseEffort\": \"NOT_DEFINED\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}, {\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 9.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"WebPros\", \"product\": \"cPanel\", \"versions\": [{\"status\": \"affected\", \"version\": \"11.40.0.0\", \"lessThan\": \"11.86.0.41\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"11.88.0.0\", \"lessThan\": \"11.94.0.28\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"11.96.0.0\", \"lessThan\": \"11.102.0.39\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"11.104.0.0\", \"lessThan\": \"11.110.0.97\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"11.112.0.0\", \"lessThan\": \"11.118.0.63\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"11.120.0.0\", \"lessThan\": \"11.124.0.35\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"11.126.0.0\", \"lessThan\": \"11.126.0.54\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"11.128.0.0\", \"lessThan\": \"11.130.0.19\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"11.132.0.0\", \"lessThan\": \"11.132.0.29\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"11.134.0.0\", \"lessThan\": \"11.134.0.20\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"11.136.0.0\", \"lessThan\": \"11.136.0.5\", \"versionType\": \"custom\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"WebPros\", \"product\": \"WP Squared\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"11.136.1.7\", \"versionType\": \"custom\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"WebPros\", \"product\": \"WHM\", \"versions\": [{\"status\": \"affected\", \"version\": \"11.40.0.0\", \"lessThan\": \"11.86.0.41\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"11.88.0.0\", \"lessThan\": \"11.94.0.28\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"11.96.0.0\", \"lessThan\": \"11.102.0.39\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"11.104.0.0\", \"lessThan\": \"11.110.0.97\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"11.112.0.0\", \"lessThan\": \"11.118.0.63\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"11.120.0.0\", \"lessThan\": \"11.124.0.35\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"11.126.0.0\", \"lessThan\": \"11.126.0.54\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"11.128.0.0\", \"lessThan\": \"11.130.0.19\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"11.132.0.0\", \"lessThan\": \"11.132.0.29\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"11.134.0.0\", \"lessThan\": \"11.134.0.20\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"11.136.0.0\", \"lessThan\": \"11.136.0.5\", \"versionType\": \"custom\"}], \"defaultStatus\": \"affected\"}], \"datePublic\": \"2026-04-28T00:00:00.000Z\", \"references\": [{\"url\": \"https://support.cpanel.net/hc/en-us/articles/40073787579671-cPanel-WHM-Security-Update-04-28-2026\", \"tags\": [\"vendor-advisory\", \"patch\"]}, {\"url\": \"https://docs.cpanel.net/release-notes/release-notes\", \"tags\": [\"release-notes\"]}, {\"url\": \"https://docs.wpsquared.com/changelogs/versions/changelog/#13617\", \"tags\": [\"release-notes\"]}, {\"url\": \"https://www.namecheap.com/status-updates/ongoing-critical-security-vulnerability-in-cpanel-april-28-2026\", \"tags\": [\"third-party-advisory\"]}, {\"url\": \"https://www.vulncheck.com/advisories/cpanel-and-whm-authentication-bypass-via-login-flow\", \"tags\": [\"third-party-advisory\"]}], \"x_generator\": {\"engine\": \"Vulnogram 1.0.2\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"cPanel and WHM versions after 11.40 contain an authentication bypass vulnerability in the login flow that allows unauthenticated remote attackers to gain unauthorized access to the control panel.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-306\", \"description\": \"CWE-306 Missing Authentication for Critical Function\"}]}], \"cpeApplicability\": [{\"nodes\": [{\"cpeMatch\": [{\"criteria\": \"cpe:2.3:a:cpanel:cpanel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"11.86.0.41\", \"versionStartIncluding\": \"11.40.0.0\"}, {\"criteria\": \"cpe:2.3:a:cpanel:cpanel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"11.94.0.28\", \"versionStartIncluding\": \"11.88.0.0\"}, {\"criteria\": \"cpe:2.3:a:cpanel:cpanel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"11.102.0.39\", \"versionStartIncluding\": \"11.96.0.0\"}, {\"criteria\": \"cpe:2.3:a:cpanel:cpanel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"11.110.0.97\", \"versionStartIncluding\": \"11.104.0.0\"}, {\"criteria\": \"cpe:2.3:a:cpanel:cpanel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"11.118.0.63\", \"versionStartIncluding\": \"11.112.0.0\"}, {\"criteria\": \"cpe:2.3:a:cpanel:cpanel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"11.124.0.35\", \"versionStartIncluding\": \"11.120.0.0\"}, {\"criteria\": \"cpe:2.3:a:cpanel:cpanel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"11.126.0.54\", \"versionStartIncluding\": \"11.126.0.0\"}, {\"criteria\": \"cpe:2.3:a:cpanel:cpanel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"11.130.0.19\", \"versionStartIncluding\": \"11.128.0.0\"}, {\"criteria\": \"cpe:2.3:a:cpanel:cpanel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"11.132.0.29\", \"versionStartIncluding\": \"11.132.0.0\"}, {\"criteria\": \"cpe:2.3:a:cpanel:cpanel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"11.134.0.20\", \"versionStartIncluding\": \"11.134.0.0\"}, {\"criteria\": \"cpe:2.3:a:cpanel:cpanel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"11.136.0.5\", \"versionStartIncluding\": \"11.136.0.0\"}], \"operator\": \"OR\"}]}, {\"nodes\": [{\"cpeMatch\": [{\"criteria\": \"cpe:2.3:a:cpanel:whm:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"11.86.0.41\", \"versionStartIncluding\": \"11.40.0.0\"}, {\"criteria\": \"cpe:2.3:a:cpanel:whm:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"11.94.0.28\", \"versionStartIncluding\": \"11.88.0.0\"}, {\"criteria\": \"cpe:2.3:a:cpanel:whm:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"11.102.0.39\", \"versionStartIncluding\": \"11.96.0.0\"}, {\"criteria\": \"cpe:2.3:a:cpanel:whm:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"11.110.0.97\", \"versionStartIncluding\": \"11.104.0.0\"}, {\"criteria\": \"cpe:2.3:a:cpanel:whm:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"11.118.0.63\", \"versionStartIncluding\": \"11.112.0.0\"}, {\"criteria\": \"cpe:2.3:a:cpanel:whm:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"11.124.0.35\", \"versionStartIncluding\": \"11.120.0.0\"}, {\"criteria\": \"cpe:2.3:a:cpanel:whm:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"11.126.0.54\", \"versionStartIncluding\": \"11.126.0.0\"}, {\"criteria\": \"cpe:2.3:a:cpanel:whm:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"11.130.0.19\", \"versionStartIncluding\": \"11.128.0.0\"}, {\"criteria\": \"cpe:2.3:a:cpanel:whm:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"11.132.0.29\", \"versionStartIncluding\": \"11.132.0.0\"}, {\"criteria\": \"cpe:2.3:a:cpanel:whm:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"11.130.0.18\", \"versionStartIncluding\": \"11.134.0.0\"}], \"operator\": \"OR\"}]}, {\"nodes\": [{\"cpeMatch\": [{\"criteria\": \"cpe:2.3:a:cpanel:wp_squared:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"136.1.7\"}], \"operator\": \"OR\"}]}], \"providerMetadata\": {\"orgId\": \"83251b91-4cc7-4094-a5c7-464a1b83ea10\", \"shortName\": \"VulnCheck\", \"dateUpdated\": \"2026-05-06T15:48:18.270Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-41940\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-05-06T15:48:18.270Z\", \"dateReserved\": \"2026-04-22T18:50:43.621Z\", \"assignerOrgId\": \"83251b91-4cc7-4094-a5c7-464a1b83ea10\", \"datePublished\": \"2026-04-29T15:10:37.899Z\", \"assignerShortName\": \"VulnCheck\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…