CVE-2026-41940

This repository contains a high-fidelity scanner for CVE-2026-41940, an authentication bypass vulnerability in cPanel/WHM. The scanner detects vulnerable hosts by injecting a session payload and verifying the response, avoiding false negatives and account lockouts.

This repository contains a functional exploit for CVE-2026-41940, a CRLF injection vulnerability in cPanel & WHM. The exploit automates the process of bypassing authentication and generating administrative tokens, demonstrating a clear path to unauthorized access.

This exploit demonstrates an authentication bypass in cPanel/WHM (CVE-2026-41940) by injecting a crafted Base64 payload via CRLF injection in the session cookie, leading to unauthorized root access. The PoC automates the attack chain, including session minting, token leakage, and password change.

This repository contains a functional Python tool for detecting and exploiting CVE-2026-41940, an authentication bypass vulnerability in cPanel & WHM and WP Squared. The tool includes multi-port scanning, Google dork generation, and interactive RCE capabilities via crafted Authorization headers.

This repository contains a detection tool for CVE-2026-41940, an authentication bypass vulnerability in cPanel/WHM. The tool scans for vulnerable instances but does not exploit the vulnerability.

This repository contains a functional exploit for CVE-2026-41940, an authentication bypass vulnerability in cPanel & WHM. The exploit leverages CRLF injection in the HTTP Basic authentication handler to manipulate session files, granting root privileges without valid credentials.

This repository contains a detection script for CVE-2026-41940, an authentication bypass vulnerability in cPanel/WHM. The script scans session files and logs for indicators of exploitation, such as newline injection in session handling, and provides severity-based findings.

This repository provides a detailed technical analysis of CVE-2026-41940, a critical unauthenticated RCE vulnerability in cPanel & WHM. It includes a comprehensive writeup explaining the root cause (CRLF injection via session data manipulation) and offers mitigation tools such as a defense-in-depth shim, ModSecurity rules, and IOC scanners.

This is a detailed security advisory from QiAnXin CERT regarding an authentication bypass vulnerability in cPanel & WHM (CVE-2026-41940). The document provides an overview of the vulnerability, including its impact and mitigation measures, but does not include functional exploit code.

The repository contains a Python-based scanner for detecting exposure to CVE-2026-41940, a cPanel/WHM authentication bypass vulnerability. It checks for proxy subdomain misconfigurations and passive indicators without attempting exploitation.

The repository contains no actual exploit code or technical details, only a vague title mentioning a 'Mass Scanner & Exploiter' for CVE-2026-41940. This is characteristic of a social engineering lure.

This repository provides two Bash scripts designed to detect and mitigate the effects of CVE-2026-41940, a critical vulnerability in cPanel/WHM. The scripts perform security audits, malware detection, and cleanup tasks but do not include functional exploit code.

This repository contains a functional Python exploit for CVE-2026-41940, an authentication bypass vulnerability in cPanel/WHM. The exploit includes a full chain to bypass authentication and gain an interactive shell, with detailed logging and target discovery mechanisms.

This repository contains a functional exploit for CVE-2026-41940, demonstrating a multi-step authentication bypass in cPanel/WHM via CRLF injection and session poisoning. The exploit follows a 4-step process to inject malicious session data, trigger session regeneration, and verify root-level access.

This repository provides a detailed technical analysis and remediation script for CVE-2026-41940, a pre-authentication bypass vulnerability in cPanel/WHM. It includes a comprehensive Bash script for detection, remediation, and patching, along with indicators of compromise (IOCs) and manual cleanup steps.

This repository contains a functional exploit for CVE-2026-41940, a critical authentication bypass vulnerability in cPanel/WHM. The exploit leverages CRLF injection in session handling to achieve root access without authentication.

This repository contains a functional exploit for CVE-2026-41940, targeting cPanel/WHM authentication bypass via CRLF injection and session forgery. The exploit automates the process of gaining root access by changing the root password.

This repository contains a functional exploit for CVE-2026-41940, targeting cPanel WHM authentication bypass via CRLF injection. The exploit follows a multi-stage process to bypass authentication and leak account data.

This repository contains a functional Go-based exploit for CVE-2026-41940, an authentication bypass leading to RCE in cPanel/WHM. The exploit includes a multi-stage attack chain to achieve root access on vulnerable systems.

This repository contains a functional Go-based exploit for CVE-2026-41940, a cPanel/WHM authentication bypass vulnerability. The tool supports both scanning and exploitation, including RCE, password modification, API calls, and session generation.

This repository contains a functional Python script that validates session authentication after exploiting CVE-2026-41940, an authentication bypass vulnerability in cPanel/WHM. The script tests multiple endpoints to confirm whether the injected session grants authenticated access, including API calls and terminal access.