Show thread decio1d ago

Rien ne dit “bon week-end” comme trois CVE cPanel annoncées un vendredi, avec les détails techniques livrés pile au moment du patch -->c’est-à-dire à 18h, l’heure sacrée de l’apéro.

Santé aux admins qui vont lancer /scripts/upcp avec une main sur le clavier et l’autre sur le verre.
👇
" To help protect customers prior to patch availability, technical details about vulnerabilities will be released alongside the patches. Full technical details will be published on our support page at the same time the patch is released. The CVE IDs are CVE-2026-29201, CVE-2026-29202, and CVE-2026-29203.

Patch & Affected Versions
The patch will be available on May 08 at 12:00pm EST and will be distributed through the standard cPanel automatic update process and through the manual update process. We strongly recommend performing a manual update with /scripts/upcp once the patch is made available. "
👇
https://www.reddit.com/r/cpanel/comments/1t6wf5n/cpanel_whm_security_update_cve202629201/

#CpanelVulnerability #cpanel #CyberVeille #vuln #infosec

Analyst2075d ago

cPanel Vulnerability Exploited to Target Gov't, MSP Networks

A critical cPanel vulnerability, CVE-2026-41940, is being actively exploited by attackers to bypass authentication and gain control of government, military, MSP, and hosting provider networks. This alarming threat uses hard-coded credentials and cleverly defeats CAPTCHA protections to wreak havoc on vulnerable systems.

https://osintsights.com/cpanel-vulnerability-exploited-to-target-govt-msp-networks?utm_source=mastodon&utm_medium=social

#CpanelVulnerability #Cve202641940 #AuthenticationBypass #GovernmentNetworks #Msp

cPanel Vulnerability Exploited to Target Gov't, MSP Networks

Learn how CVE-2026-41940 cPanel vulnerability is exploited to target gov't and MSP networks, and take immediate action to secure your control panel now.

OSINTSights
Analyst207May 1

cPanel Vulnerability Exploited, Ransomware Attacks Reported

A critical cPanel vulnerability, CVE-2026-41940, has been exploited, putting servers at risk of full takeover and ransomware attacks - with a near-worst-case severity score of 9.8. This flaw affects cPanel, WebHost Manager, and WP Squared, and has already been flagged by the US government's cybersecurity agency as being exploited in…

https://osintsights.com/cpanel-vulnerability-exploited-ransomware-attacks-reported?utm_source=mastodon&utm_medium=social

#CpanelVulnerability #Ransomware #Cve202641940 #WebhostManager #WpSquared

cPanel Vulnerability Exploited, Ransomware Attacks Reported

Learn about CVE-2026-41940, a critical cPanel vulnerability exploited in ransomware attacks, and take immediate action to secure your server now effectively.

OSINTSights
Analyst207Apr 30

cPanel Vulnerability Exposes Millions of Domains to Root Access Attacks

A critical cPanel vulnerability, rated 9.8 under CVSS, has been discovered, allowing attackers to craft a simple sequence of requests to bypass authentication and gain root access to servers, putting millions of domains at risk. Emergency patches are available to fix this gaping security flaw.

https://osintsights.com/cpanel-vulnerability-exposes-millions-of-domains-to-root-access-attacks?utm_source=mastodon&utm_medium=social

#CpanelVulnerability #Cve202641940 #RootAccess #WebhostManager #Whm

cPanel Vulnerability Exposes Millions of Domains to Root Access Attacks

Protect your domains from cPanel vulnerability attacks. Learn how to secure your site with emergency patches for CVE-2026-41940 and prevent root access now.

OSINTSights