Security News Critical cPanel and WHM bug exploited as a zero-day, PoC now available BleepingComputer Daniel Bender 30 Apr 2026 The critical CVE-2026-41940 authentication bypass vulnerability in cPanel, WHM, and WP Squared is being actively exploited in the wild and has been leveraged in attempts since late February.
