cPanel has released an emergency security update to address CVE-2026-41940, a Critical vulnerability with a CVSS score of 9.8. This flaw allows an unauthenticated remote attacker to bypass the login flow and gain direct access to cPanel/WHM interfaces exposed to the internet — without any prior privileges or user interaction — potentially ...