Critical cPanel Bug Exposes Millions of Websites to Hackers
A newly discovered cPanel vulnerability threatens millions of websites. Learn how hackers are exploiting this bug and what you can do to protect your site.
Security researchers have raised alarms about a serious vulnerability in cPanel and WebHost Manager (WHM), software used by millions of websites globally. This bug, tracked as CVE-2026-41940, allows hackers to bypass login screens and gain full control over affected servers, posing a significant risk to website owners.
Immediate Action Required
Many web hosting companies have already patched their systems, but users must ensure their installations are updated. The potential for exploitation is high, especially on shared hosting servers. Here are key points to consider:
- •The vulnerability affects all supported versions of cPanel and WHM.
- •Hackers have reportedly been exploiting this bug since February 23.
- •Major hosting providers like Namecheap and Hostgator are taking proactive measures to block access and apply patches.
Given the widespread use of cPanel, the implications of this vulnerability could be severe. Website owners are urged to act quickly to secure their systems and prevent unauthorized access.