CISA Adds One Known Exploited Vulnerability to Catalog
Summary
CISA has added CVE-2026-41940, a vulnerability in WebPros cPanel & WHM and WP2 involving missing authentication for critical functions, to its Known Exploited Vulnerabilities (KEV) Catalog. This vulnerability is actively exploited and poses a significant risk to federal networks, prompting CISA to urge all organizations to prioritize its remediation.
IFF Assessment
CISA's addition of an actively exploited vulnerability to the KEV catalog signals an increased threat to organizations and calls for immediate defensive action.
Severity
CISA KEV: Listed as actively exploited. Federal patch due: May 03, 2026. Known ransomware use: Unknown.
Defender Context
Organizations, especially those in the federal civilian executive branch, must prioritize patching CVE-2026-41940 to reduce the risk from active exploitation. Its inclusion in CISA's KEV catalog reflects the current threat level, and defenders should watch for exploitation attempts targeting this type of authentication bypass vulnerability.