Serial number: AV26-404
Date: April 29, 2026
Updated: April 30, 2026
On April 28, 2026, cPanel published a security advisory to address vulnerabilities in the following product:
- cPanel & WebHost Manager (WHM) software – versions prior to 11.86.0.41, 11.110.0.97, 11.118.0.63, 11.126.0.54, 11.130.0.19, 11.132.0.29, 11.136.0.5, 11.134.0.20 and WP Squared 11.136.1.7
Update 1
On April 30, 2026, Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-41940 to their Known Exploited Vulnerabilities (KEV) Database.
The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.