Critical cPanel and WHM Vulnerability CVE-2026-41940 Exploited by Sorry Ransomware

A critical security flaw affecting cPanel and WHM, identified as CVE-2026-41940, is being actively exploited in the wild, including by the ransomware strain known as Sorry. The vulnerability targets Linux servers running cPanel, leading to the encryption of data on compromised systems. No specific timeline, affected version ranges, or geographic scope were provided in the report. The attack vector involves the exploitation of the unpatched flaw to deploy the ransomware. The impact includes unauthorized data encryption on cPanel-managed servers.