Known exploited
WebPros
CVE published 2026-04-30
CVE-2026-41940
CVE-2026-41940 is a WebPros cPanel & WHM and WP2 (WordPress Squared) vulnerability described as a missing authentication issue affecting a critical function. CISA added the issue to its Known Exploited Vulnerabilities catalog on 2026-04-30 and marked it as having known ransomware campaign use, which makes this a high-priority remediation item for any exposed deployment. Because the supplied corpus does no [truncated]