CVE-2026-47365

Argument injection vulnerability in WordPress Toolkit before 6.11.0 as used in cPanel & WHM, allows remote authenticated users to bypass cross-tenant authorization and execute arbitrary wp-toolkit CLI commands as another account...

EUVD-2026-36376

Argument injection vulnerability in WordPress Toolkit before 6.11.0 as used in cPanel & WHM, allows remote authenticated users to bypass cross-tenant authorization and execute arbitrary wp-toolkit CLI commands as another account...

Exploit for Missing Authentication for Critical Function in Cpanel

CVE-2026-41940 - cPanel/WHM Authentication Bypass This reposi...

Exploit for Missing Authentication for Critical Function in Cpanel

CVE-2026-41940 — cPanel2Shell Interactive exploitation tool...

📄 CPanel/WHM CRLF Injection / Authentication Bypass / Remote Code Execution

This Metasploit module exploits CVE-2026-41940, a CRLF injection in cPanel/WHMs cpsrvd daemon that allows unauthenticated remote code execution as root. The Basic-auth handler writes the password to the raw session file without stripping newlines. Omitting the ob-part of the session cookie bypass...

Exploit for Missing Authentication for Critical Function in Cpanel

🚀 CVE-2026-41940 - cPanel/WHM Authentication Bypass Exploit...

PT-2026-40437

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description Insufficient sanitization of SQL queries in the sqloptimizer utility script allows SQL Injections on behalf of the root user if Slow Query logging is enabled...

Exploit for Missing Authentication for Critical Function in Cpanel

CVE-2026-41940 | cPanel/WHM Authentication Bypass Detection...

Exploit for Missing Authentication for Critical Function in Cpanel

cpanel-pwn cPanel/WHM security testing toolkit. Implements th...

Exploit for Missing Authentication for Critical Function in Cpanel

CVE-2026-41940 cPanel & WHM Verification Tool This repository...

Exploit for Missing Authentication for Critical Function in Cpanel

CVE-2026-41940 – cPanel/WHM Auth Bypass + Root Password Changer...

Exploit for Missing Authentication for Critical Function in Cpanel

cPanelSniper CVE-2026-41940 — c...

Exploit for CVE-2026-41940

cPanel/WHM Auth Bypass Scanner & Exploit Tool A Go command-li...

Exploit for CVE-2026-41940

Usage python 0day.py -f test.txt --external-only --show...

EUVD-2021-25026

Malware in sbrugna...

EUVD-2007-0851

Malware in sbrugna...

EUVD-2025-12591

Malicious code in bioql PyPI...

EUVD-2025-5492

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2025-43920

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNU Mailman 2.1.39, as bundled in cPanel and WHM, in certain external archiver configurations, allows unauthenticated attackers to execute arbitrary OS commands...

Linux Distros Unpatched Vulnerability : CVE-2025-43919

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNU Mailman 2.1.39, as bundled in cPanel and WHM, allows unauthenticated attackers to read arbitrary files via ../ directory traversal at /mailman/private/mailm...