Tag

#cpanel

1 post tagged #cpanel.

Analysis · Apr 30, 2026 · Colten Anderson

CVE-2026-41940 isn't just a cPanel bug. It's a design assumption that shipped for a decade.

A CRLF injection in cPanel's session writer gave attackers unauthenticated root in four requests. The fix landed. The architecture question hasn't. Updated May 4 with exploitation scale: 44,000+ hosts compromised, ransomware, botnet, and state-sponsored campaigns confirmed.