Security researchers have identified a critical severity vulnerability impacting cPanel and WHM (Web Host Manager). Tracked as CVE-2026-41940, the vulnerability is being actively exploited in the wild. Successful exploitation of the vulnerability may allow an attacker to take control over the cPanel host system, its configurations and databases, and the websites it manages.