watchtowrlabs/watchTowr-vs-cPanel-WHM-AuthBypass-to-RCE.py

Releases0

Stars20

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2026-41940 ↗	Apr 29, 2026Wednesday, 29 April 2026, 16:16	9.8 CRITICAL	—
cPanel and WHM versions after 11.40 contain an authentication bypass vulnerability in the login flow that allows unauthenticated remote attackers to gain unauthorized access to the control panel.