CVE-2026-41940 is a critical authentication bypass in cPanel & WHM (CVSS 9.8) with confirmed multi-actor active exploitation beginning within 24 hours of public disclosure. An unauthenticated remote attacker can bypass authentication controls to gain full administrative access to hosted environments. With an estimated 1.5 million internet-exposed cPanel servers worldwide, automated exploitation at scale is underway.