authentication bypass
Coverage of authentication bypass in the Nexus archive.
- PAN-OS GlobalProtect Authentication Bypass (CVE-2026-0257) Under Active Exploitation
Palo Alto Networks has warned that a medium-severity authentication bypass vulnerability (CVE-2026-0257) in PAN-OS and Prisma Access is being actively exploited. The flaw allows attackers to establish unauthorized VPN connections.
- The Internet Is Falling Down- CPanel/WHM Authentication Bypass CVE-2026-41940
A critical authentication bypass vulnerability, CVE-2026-41940, has been discovered in CPanel/WHM, allowing attackers to bypass login screens and gain unauthorized access. The flaw, reported by Watchtowr Labs, has sparked widespread concern about server security.
- Critical cPanel and WHM bug exploited as a zero-day, PoC now available
A critical authentication bypass vulnerability (CVE-2026-41940) in cPanel, WHM, and WP Squared is being actively exploited in the wild as a zero-day attack, with proof-of-concept (PoC) code now available. The flaw has been leveraged since late February, highlighting urgent security risks for users of these platforms.
- Bug of the year (so far): Nasty cPanel vulnerability probably exploited as a 0-day
A critical vulnerability in cPanel and WHM allows attackers to bypass authentication and gain root server access, with emergency patches now available. The flaw, likely exploited as a 0-day, affects millions of domains managed through the platform.