
CISA Adds cPanel Authentication Bypass Vulnerability to KEV Catalog
The Cybersecurity and Infrastructure Security Agency (CISA) added an authentication bypass vulnerability in cPanel to its Known Exploited Vulnerabilities (KEV) catalog following reports of active exploitation in the wild. Hosting providers confirmed that the flaw, tracked as CVE-2026-41940, is under ongoing attack. No specific dates for the KEV listing or exploitation onset were provided. The vulnerability affects cPanel, a widely used web hosting control panel, and enables unauthorized access to systems. Inclusion in the KEV catalog requires federal agencies to remediate the issue within a set timeframe.