TechCrunch·Apr 30, 2026

🚨cPanel Vulnerability Affects Millions of Websites

Millions of websites at risk due to critical security flaw

TL;DR

A newly discovered vulnerability in cPanel and WHM software allows hackers full control over servers. Tens of millions of website owners are affected, with some web hosts already patching systems.

Hackers can now hijack servers running cPanel and WebHost Manager (WHM) software due to a critical security flaw tracked as CVE-2026-41940. This bug affects all supported versions of the widely-used server management tools, potentially compromising tens of millions of websites worldwide. If you're using cPanel or WHM for your web hosting, this is a red alert — immediate action is required to avoid unauthorized access and potential data breaches.

cPanel Vulnerability Affects Millions of Websites

Key Points

1

The bug allows hackers unrestricted access to server administration panels, affecting millions of websites.

2

cPanel and WebHost Manager are used by tens of millions of website owners for managing web servers, emails, configurations, and databases.

3

Canada's national cybersecurity agency warns that exploitation is highly probable and immediate action is necessary to prevent data breaches.

4

Some web hosting companies like Namecheap blocked access to customers' cPanel panels to prevent hackers from exploiting the vulnerability.

5

cPanel rolled out a security fix for WP Squared, a tool used by many WordPress website owners.

Why It Matters

If you're using cPanel or WHM on your web server, this is a critical issue. Hackers can bypass login screens and gain full access to administrative panels. Immediate patching is essential to prevent unauthorized access and potential data breaches.

cPanelWebHost ManagerCVE-2026-41940vulnerabilitypatch

Frequently Asked Questions

Why does this matter?

If you're using cPanel or WHM on your web server, this is a critical issue. Hackers can bypass login screens and gain full access to administrative panels. Immediate patching is essential to prevent unauthorized access and potential data breaches.

What happened?

A newly discovered vulnerability in cPanel and WHM software allows hackers full control over servers. Tens of millions of website owners are affected, with some web hosts already patching systems.

Comments

Subscribe to join the conversation...

Be the first to comment

Enjoyed this article?

Get it daily. 7am. Free. Reads in 5 minutes.