Hackers are exploiting a critical flaw in cPanel and WebHost Manager that can allow full server access without logging in.
Tracked as CVE-2026-41940, the issue lets attackers bypass authentication and reach admin panels. Canada’s Cyber Centre has warned that exploitation is “highly probable” and requires immediate action.
Because cPanel is widely used by hosting providers, attackers could gain control of websites, databases, and email accounts, potentially impacting multiple businesses on shared servers.
Patches have been released, but reports suggest that exploitation attempts began as early as February, before public disclosure.
To reduce risk, businesses should ensure systems are patched, check with hosting providers, review logs for unusual activity, and restrict access to admin interfaces.