WebPros cPanel & WHM (WebHost Manager) and WP2 (WordPress Squared) contain an authentication bypass vulnerability in the login flow that allows unauthenticated remote attackers to gain unauthorized access to the control panel.
[POC] CVE-2026-41940 — cpanel2shell-scanner
High fidelity scanner for CVE-2026-41940 (cPanel & WHM authentication bypass)
[POC] CVE-2026-41940 — cPanelWHM-AuthBypass
CVE-2026-41940
[POC] CVE-2026-41940 — cPanel-CVE-2026-41940-Scanner
Advanced cPanel & WHM Security Scanner for CVE-2026-41940. with mass Shodan discovery
[POC] CVE-2026-41940 — CVE-2026-41940-cpanel-0day
CVE-2026-41940 latest cPanel & WHM 0day - 70 million websites are possible to expose by Chirag Artani
[POC] CVE-2026-41940 — cve-2026-41940-exploit
improved poc of cve-2026-41940
[POC] CVE-2026-41940 — cve-2026-41940-tool
A comprehensive Python utility to **detect**, **scan in bulk**, and **exploit** the critical authentication bypass vulnerability (CVE-2026-41940) in cPanel & WHM and WP Squared.
[POC] CVE-2026-41940 — CVE-2026-41940-AuthBypass-Detector
Detection tool for cPanel/WHM CVE-2026-41940 (CRLF injection auth bypass). Verify vulnerability on servers you own or have permission to test. For authorized security assessments only.
[POC] CVE-2026-41940 — 2026-41940-poc
CVE-2026-41940: detect and exploit cpanel vuln
[POC] CVE-2026-41940 — CVE-2026-41940-Exploit-PoC
CVE-2026-41940 Exploit PoC – cPanel & WHM Authentication Bypass via CRLF Injection
[POC] CVE-2026-41940 — CVE-2026-41940
PoC for CVE-2026-41940: WHM/cPanel authentication bypass chain (Python 2.7). For authorized security research and testing only.
PoC: CVE-2026-41940-Linux
⚠️ DISCLAIMER: This tool is intended for authorized penetration testing and educational purposes only. Using this tool against systems without explicit written permission is illegal. The developers are not responsible for any misuse or damage caused.
PoC: cpanelCVE
CVE-2026-41940 Auto Root Login
PoC: cpanelCVE
CVE-2026-41940 Auto Root Login
PoC: portscan-CVE-2026-41940
IP CIDRs (presumably as input, maybe command line or file) and checks ports 2083 and 2087 for openness
PoC: cpanel-cve-2026-41940-ioc
CVE-2026-41940 cPanel/WHM auth bypass IOC scanner — fixes false positives in upstream detection script, adds log cross-correlation
PoC: cpanel-sessionscribe
Detection, mitigation, and reverse-engineering tooling for CVE-2026-41940 (SessionScribe): the cPanel/WHM unauthenticated session-forgery vulnerability disclosed 2026-04-28. Defense-in-depth active mitigation shim, ModSec rule pack, remote probe, on-host IOC scanner, and per-tier RE snapshot collector. GPL v2.
PoC: CVE-2026-41940-PoC
CVE-2026-41940 authentication bypass vulnerability proof-of-concept
PoC: CVE-2026-41940-PoC
CVE-2026-41940 exploitation proof-of-concept project
PoC: CVE-2026-41940
Redacted cPanel/WHM authentication bypass analysis and authorized checker
PoC: CVE-2026-41940-PoC
CVE-2026-41940 is a critical authentication bypass vulnerability affecting cPanel and WHM. This repository is designed to demonstrate its Proof-Of-Concept
PoC: Automated-scanner-CVE-2026-41940
Automated scanner & post-exploitation toolkit for CVE-2026-41940 — cPanel & WHM root authentication bypass via session-file CRLF injection
PoC: CVE-2026-41940
Private exploit
PoC: cpanel-cve-41940-detector
Read-only cPanel CVE-2026-41940 IOC detector for .sorry ransomware, Mr_Rot13 Filemanager backdoors, C2 callbacks, cron, SSH, and logs.
PoC: CVE-2026-41940-POC-Exploit
🚀 CVE-2026-41940 cPanel/WHM Auth Bypass Exploit - Professional Edition 💥 CRLF injection leads to auth bypass, session hijacking & account leak. ✅ Proxy, custom UA, keep-alive, retries, SSL verify, colored output, file save support. ⚡ Advanced PoC for pentesters.
PoC: CVE-2026-41940
CVE-2026-41940 — cPanel/WHM Auth Bypass By Dr.Anach, CRLF injection in `cpsrvd` Basic auth handler → unauthenticated WHM API access → RCE as root. All cPanel since v11.40 affected.
PoC: cpanel-forensics
Форензика после CVE-2026-41940 (cPanel/WHM) — bash-скрипт и чек-лист
PoC: cpsniper
cPanelSniper STABLE - CVE-2026-41940 optimized for 10M+ targets
PoC: cpanel-control-plane-exposure-check
Defensive exposure assessment tool for identifying externally accessible cPanel, WHM, and Webmail management interfaces related to CVE-2026-41940.
PoC: cpanel2shell-honeypot
A Rust honeypot that simulates a vulnerable cPanel/WHM instance for CVE-2026-41940
PoC: CVE-2026-41940
cve-2026-41940 cPanel/WHM Authentication Bypass - Detection Artifact Generator
PoC: CVE-2026-41940-Exploit-PoC
Test authentication bypass vulnerabilities in cPanel and WHM using this proof of concept exploit tool written in Go.
PoC: whmxploit---CVE-2026-41940
CVE-2026-41940
PoC: cpanel-pwn
cPanel/WHM CVE-2026-41940 CRLF injection auth bypass exploit
PoC: CVE-2026-41940-Detection
Detection signatures for CVE-2026-41940 and shemas for cPanel logs
PoC: CVE-2026-41940
Exploit CVE-2026-41940 auto exploit
PoC: cPanel-WHM-CVE-2026-41940-AuthBypass
cPanel-WHM-CVE-2026-41940-AuthBypass
PoC: CVE-2026-41940-cPanel-WHM-Verification-Tool
This repository contains a Python verification script for `CVE-2026-41940`, a critical authentication bypass vulnerability disclosed in cPanel & WHM. > This project is intended for authorized defensive validation only. It is not intended for exploit development, unauthorized access, or misuse against systems you do not own or administer.
PoC: sorry-ransomware-analysis
Sorry ransomware (.sorry) IOCs, YARA rules and forensic analysis - CVE-2026-41940 cPanel campaign
PoC: cPanelSniper
CVE-2026-41940 — cPanel & WHM Authentication Bypass via Session-File CRLF Injection
PoC: CVE-2026-41940-POC
cPanel/WHM Authentication Bypass Proof of Concept — CVE-2026-41940
PoC: CPanel-Audit-Remediation-Tool
Audit and incident response tool for CVE-2026-41940 vulnerability
PoC: CVE-2026-41940
CVE-2026-41940 Direct Shell Acess
PoC: CVE-2026-41940
cPanel & Whm Authentication Bypasser
PoC: CVE-2026-41940---cPanel-WHM-check
This is the office check script provided by cPanel for all the users who are using cPanel
PoC: CVE-2026-41940
CVE-2026-41940
PoC: cPanel-Fix
One security-remediation.sh for CVE-2026-41940 (cPanel), CVE-2026-31431 (kernel "Copy Fail"), CSF, optional domain/proxy cleanup, and optional operator hardening.
PoC: cpanel-malware-cleaner-cve-2026
cPanel malware, CVE-2026-41940, virus removal
PoC: CVE-2026-41940
https://devtint.github.io/CVE-2026-41940
PoC: CVE-2026-41940
CVE-2026-41940
PoC: CVE-2026-41940
Bulk scanner and mass exploitation tool for CVE-2026-41940 on cPanel/WHM, built for automated target validation and high-speed multi-threaded execution.
PoC: cpanelscanner
Cpanel Scanner For CVE-2026-41940
PoC: CVE-2026-41940
cPanel/WHM Authentication Bypass PoC
PoC: cPanelSniper
CVE-2026-41940 — cPanel & WHM Authentication Bypass via Session-File CRLF Injection
PoC: CVE-2026-41940
cPanel/WHM CVE-2026-41940 - Mass Scanner & Exploiter
PoC: cpanel-cve-2026-41940
cPanel CVE-2026-41940 nuclear.x86 Security Audit & Cleanup Script
PoC: CVE-2026-41940
A security research tool for detecting and analyzing cPanel/WHM services and their authentication behavior. Designed for authorized testing and educational purposes only.
PoC: CVE-2026-41940-MASS-EXPLOIT
CVE-2026-41940 SUPPORT SINGLE & MASS SCAN EXPLOIT
PoC: CVE-2026-41940-Exploit-PoC
This repository contains a Proof-of-Concept (PoC) exploit for CVE-2026-41940, a critical authentication bypass vulnerability in cPanel & WHM. The vulnerability allows unauthenticated remote attackers to gain unauthorized access to the control panel by abusing flaws in the login flow.
PoC: CVE-2026-41940
CVE-2026-41940利用工具(go并发检测,python利用)
PoC: cPanelWHM-AuthBypass
CVE-2026-41940
PoC: cPanel-WHM-AuthBypass-Session-Checker
Post-Exploitation Session Validation Tool for CVE-2026-41940
Get alerted for CVEs like this
Register your stack and get notified within minutes when a matching CVE drops.
Start monitoring free