U.S. CISA Adds cPanel Vulnerability to Known Exploited Vulnerabilities Catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a vulnerability in WebPros cPanel to its Known Exploited Vulnerabilities (KEV) catalog. The flaw is incorrectly referenced as CVE-2026-41940 (CVSS score of 9.3) in the article, though this appears to be a typographical error as the title and context indicate it pertains to cPanel, not Microsoft Defender. cPanel is a widely used web hosting control panel, suggesting the vulnerability could impact numerous hosting environments. No specific exploitation details, affected versions, or mitigation steps were provided in the reported content. The inclusion in the KEV catalog indicates active exploitation or significant risk to federal agencies. The source is Security Affairs.