cPanel

cPanel Zero-Day Gave Attackers Root Access to 70 Million Domains for 30+ Days

CVE-2026-41940 authentication bypass enabled unauthenticated root access to shared hosting infrastructure while cPanel held disclosure for two weeks.