A critical authentication bypass vulnerability in cPanel software has triggered widespread exploitation attempts within 24 hours of public disclosure, affecting millions of websites across tens of thousands of server instances. CVE-2026-41940, assigned a CVSS score of 9.8, allows attackers to gain administrative access and completely take over servers and hosted websites.
cPanel issued a security update on April 28 to address the flaw affecting all supported versions of cPanel, WebHost Manager (WHM), and WP Squared products. The vulnerability was formally tracked as CVE-2026-41940 on April 29, the same day WatchTowr Labs published a proof-of-concept exploit describing it as a “disaster” flaw.
Zero-Day Activity Predates Public Disclosure
KnownHost, a managed cPanel hosting provider, flagged CVE-2026-41940 as a zero-day vulnerability after detecting exploitation attempts on approximately 30 servers. In Reddit posts, KnownHost CEO Daniel Pearson confirmed the vulnerability had been “exploited for at least the last 30 days,” with attack indicators dating back to February 23.
This timeline suggests threat actors discovered and weaponized the flaw independently before its official disclosure, making it a true zero-day vulnerability. The gap between initial exploitation and public awareness highlights the challenge security teams face in detecting sophisticated attacks targeting widely-deployed infrastructure software.
Internet scanning data from Censys showed multiple threat actors began targeting the cPanel flaw within 24 hours of public disclosure, demonstrating the rapid weaponization cycle that follows vulnerability releases.
Linux Copy Fail Vulnerability Gains Traction
A separate critical vulnerability affecting Linux distributions has entered active exploitation phase, according to CISA warnings. CVE-2026-31431, dubbed “Copy Fail,” lurked undetected for nearly a decade before disclosure on April 29, impacting all Linux distributions since 2017.
The vulnerability affects the kernel’s authentication AEAD template, allowing authenticated attackers with code execution privileges to modify cache pages of readable setuid-root binaries for privilege escalation. CISA added CVE-2026-31431 to its Known Exploited Vulnerabilities catalog on Friday, mandating federal agencies patch within two weeks.
Microsoft reported observing “limited in-the-wild exploitation” primarily involving proof-of-concept testing. However, the company warned that successful exploitation leads to full root privilege escalation and could facilitate container breakout, multi-tenant compromise, and lateral movement in shared environments.
The vulnerability’s reliability, stealth capabilities through in-memory-only modification, and cross-platform applicability make it particularly dangerous in cloud, CI/CD, and Kubernetes environments where untrusted code execution is common.
Android Debug Bridge Flaw Enables Remote Code Execution
Google patched a critical Android vulnerability on Monday that enables remote code execution without user interaction. CVE-2026-0073 affects Android’s System component, specifically the Android Debug Bridge daemon (adbd) that manages communication between devices and computers.
The flaw allows attackers to execute code as the shell user without requiring additional execution privileges or user interaction. Google’s advisory indicates no evidence of active exploitation, making this a proactive security fix rather than a response to observed attacks.
Only one Android vulnerability has been flagged as exploited in the wild this year, though several flaws saw active exploitation in 2024, including CVE-2024-43093, CVE-2024-50302, CVE‑2025‑27038, CVE-2025-48543, and CVE-2025-38352.
AI Agent Vulnerabilities Surface in Popular Tools
Two separate vulnerabilities affecting AI agents highlight emerging attack vectors as artificial intelligence tools become more integrated into development workflows. A critical flaw in Gemini CLI received a perfect 10/10 CVSS score for enabling supply chain attacks through indirect prompt injection.
Pillar Security discovered that Gemini CLI in –yolo mode ignored tool allowlists, automatically executing any command. Attackers could exploit this by creating public GitHub issues containing malicious prompts that would compromise AI agents designed to automatically triage user submissions.
Google addressed the vulnerability on April 24 in Gemini CLI version 0.39.1, which now properly evaluates tool allowlisting under –yolo mode. The fix also resolved a separate trust issue in headless mode that automatically trusted workspace folders, potentially exposing credentials and source code.
Separately, LayerX Security identified “ClaudeBleed” in the Claude extension for Chrome, combining lax permissions with poor origin trust implementation. The vulnerability allows any Chrome extension to run commands in Claude through content script injection, enabling remote prompt injection and AI agent takeover.
What This Means
The rapid exploitation of CVE-2026-41940 demonstrates how quickly threat actors can weaponize critical vulnerabilities in widely-deployed infrastructure software. The revelation of month-long zero-day activity before disclosure underscores the importance of proactive threat hunting and anomaly detection in hosting environments.
The emergence of AI agent vulnerabilities like those in Gemini CLI and Claude extension represents a new attack surface as organizations integrate artificial intelligence into development and operational workflows. These flaws highlight the need for security frameworks specifically designed for AI-assisted tools.
The decade-long presence of Copy Fail in Linux kernels illustrates how subtle vulnerabilities can persist undetected in foundational software. Organizations running Linux-based infrastructure, particularly in cloud and container environments, should prioritize immediate patching given the vulnerability’s broad applicability and available proof-of-concept exploits.
FAQ
How can organizations protect against CVE-2026-41940 exploitation?
Immediate patching is critical – update to the latest cPanel, WHM, and WP Squared versions released April 28. Monitor server logs for unusual administrative access patterns and consider temporarily restricting administrative panel access to known IP ranges while patches are deployed.
What makes Copy Fail particularly dangerous for cloud environments?
CVE-2026-31431 enables privilege escalation from any authenticated user to root access, making it especially dangerous in multi-tenant cloud environments where container breakout could compromise other customers’ data. The in-memory-only exploitation leaves minimal forensic traces.
Should organizations be concerned about AI agent security vulnerabilities?
Yes – as AI tools become integrated into development workflows, they represent new attack vectors for supply chain compromise. Organizations should audit AI agent permissions, implement strict allowlisting for automated actions, and monitor for unusual AI-generated commands or code changes.
