The critical CVE-2026-41940 vulnerability detected in cPanel and WHM software threatens millions of servers. Here’s what to do to protect yourself from attack.
A critical vulnerability has been detected in cPanel and WebHost Manager (WHM), software used to manage millions of websites around the world, that allows attackers to take complete control of servers. Tracked as CVE-2026-41940, the vulnerability lets attackers bypass the login screen and gain unauthorized access to the administration panel. Security researchers state that it affects all supported cPanel versions and poses a serious risk to servers that have not been updated. The Canadian Cyber Security Agency emphasized that the likelihood of exploitation is quite high and called on web hosting providers and system administrators to patch urgently.
Attackers Have Been Trying to Access the System for Months
cPanel and WHM are comprehensive software packages that handle critical infrastructure operations such as managing web servers, email traffic and database configurations. The deep access this software has on the server makes the vulnerability even more dangerous: an attacker who gets into the admin panel can seize all data on the server.
It is estimated that the vulnerability dates back to late February.
KnownHost CEO Daniel Pearson announced that, during their investigations, they detected unauthorized login attempts against servers on their network as of February 23. Pearson said that approximately 30 servers among thousands of computers were targeted and that there is no evidence of an active data breach at this stage, but the situation is being closely monitored. Such attempts prove that cybercriminals have been secretly monitoring vulnerabilities in popular management tools for a long time.
Web Hosting Companies Are Taking Urgent Measures
The leading companies in the sector acted quickly given the seriousness of the problem. Namecheap announced that it is temporarily restricting access to cPanel and prioritizing patching to keep its customers secure. Other giants such as HostGator also announced that they have protected their systems by completing similar updates.
It is vital that all cPanel users worldwide upgrade their systems to the latest version.
Security patches have been released not only for cPanel and WHM, but also for WordPress management tools such as WP Squared. Security experts recommend that individual users of hosting services also log in to their control panels and check for any unusual activity. Sites on shared hosting servers are particularly exposed, because a vulnerability on a single server can affect every site hosted on it.