CISA Warns: Critical cPanel & WHM Vulnerability Actively Exploited
Why it matters: Indian organizations utilizing cPanel & WHM for their web hosting or relying on service providers using these platforms must prioritize immediate patching or mitigation to prevent active exploitation.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding a critical security flaw in cPanel & WHM web hosting platforms. This vulnerability, tracked as CVE-2026-41940, has been added to CISA's Known Exploited Vulnerabilities (KEV) catalog, confirming active exploitation by threat actors. The flaw affects WebPros products and poses a significant risk to web infrastructure globally.
Source: Cybersecurity News