CVE-2026-41940
CVE-2026-41940 — cPanel/WHM Authentication Bypass (CRLF Injection) Technical synopsis: A CRLF injection in the login/session handling enables unauthenticated remote attackers to bypass authentication and gain root-level access via the cpsess session token. Public analyses describe the attack chai...