Most recent sightings.

https://vulnerability.circl.lu/sightings/feed Most recent sightings. 2026-05-11T06:16:05.283025+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/30e7daca-ef19-4a75-818a-947e459fb46a/export 30e7daca-ef19-4a75-818a-947e459fb46a 2026-05-11T06:16:05.291084+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "30e7daca-ef19-4a75-818a-947e459fb46a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41940", "type": "seen", "source": "https://gist.github.com/rwill76/6cd8dda1a418af2aa51a28babbdef1c0", "content": "", "creation_timestamp": "2026-05-09T04:03:24.000000Z"} 2026-05-09T04:03:24+00:00 https://vulnerability.circl.lu/sighting/5875e85f-64fc-425f-8b87-fda20f35e425/export 5875e85f-64fc-425f-8b87-fda20f35e425 2026-05-11T06:16:05.291004+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "5875e85f-64fc-425f-8b87-fda20f35e425", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-41940", "type": "seen", "source": "https://bsky.app/profile/kubonai.bsky.social/post/3mlfl7wnwgc2g", "content": "Critical cPanel Vulnerability CVE-2026-41940 Being Weaponized Against Governm...\n\nCVE-2026-41940, a critical cPanel authentication bypass vulnerability, is being actively exploited to target government and MSP netw...\n\n\ud83d\udd17 https://ipsec.live/blog/cve-2026-41940-cpanel\n\n#infosec #cybersecurity", "creation_timestamp": "2026-05-09T06:05:13.102737Z"} 2026-05-09T06:05:13.102737+00:00 https://vulnerability.circl.lu/sighting/10c20f1b-6c34-4434-a85d-9032d5bb44d9/export 10c20f1b-6c34-4434-a85d-9032d5bb44d9 2026-05-11T06:16:05.290926+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "10c20f1b-6c34-4434-a85d-9032d5bb44d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41940", "type": "seen", "source": "https://bsky.app/profile/fookhwa.bsky.social/post/3mlg2anxtmo2j", "content": "The Internet Is Falling Down, Falling Down, Falling Down (cPanel & WHM Authentication Bypass CVE-2026-41940)", "creation_timestamp": "2026-05-09T10:34:03.305937Z"} 2026-05-09T10:34:03.305937+00:00 https://vulnerability.circl.lu/sighting/0f3103ae-6d06-4677-b615-29d4054d4c73/export 0f3103ae-6d06-4677-b615-29d4054d4c73 2026-05-11T06:16:05.290843+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "0f3103ae-6d06-4677-b615-29d4054d4c73", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41940", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mlg2uzj4s72d", "content": "cPanel and WHM released patches for three vulnerabilities allowing arbitrary file read, Perl code execution, denial-of-service, and privilege escalation. CVE-2026-41940 was recently used to deploy Mirai and Sorry malware. #ServerSecurity #LinuxHosts", "creation_timestamp": "2026-05-09T10:45:26.237364Z"} 2026-05-09T10:45:26.237364+00:00 https://vulnerability.circl.lu/sighting/b4f89830-a22b-4950-a1fb-810880964d42/export b4f89830-a22b-4950-a1fb-810880964d42 2026-05-11T06:16:05.290758+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "b4f89830-a22b-4950-a1fb-810880964d42", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41940", "type": "seen", "source": "https://infosec.exchange/users/AAKL/statuses/116545332721409405", "content": "If you missed this, the updates were released yesterday: https://support.cpanel.net/hc/en-us/articles/40073787579671-Security-CVE-2026-41940-cPanel-WHM-WP2-Security-Update-04-28-2026\nThe Hacker News: cPanel, WHM Release Fixes for Three New Vulnerabilities https://thehackernews.com/2026/05/cpanel-whm-patch-3-new-vulnerabilities.html @thehackernews #infosec #vulnerability #cPanel", "creation_timestamp": "2026-05-09T15:30:54.219045Z"} 2026-05-09T15:30:54.219045+00:00 https://vulnerability.circl.lu/sighting/b101dd3d-2182-4aaa-84c5-bf0b549bc052/export b101dd3d-2182-4aaa-84c5-bf0b549bc052 2026-05-11T06:16:05.290652+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "b101dd3d-2182-4aaa-84c5-bf0b549bc052", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41940", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3mlh6m6kndk2x", "content": "\u7c73\u56fd\u30b5\u30a4\u30d0\u30fc\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30fb\u30a4\u30f3\u30d5\u30e9\u30b9\u30c8\u30e9\u30af\u30c1\u30e3\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u5e81\uff08CISA\uff09\u306f\u3001WebPros cPanel\u306e\u8106\u5f31\u6027\u3092\u65e2\u77e5\u306e\u60aa\u7528\u3055\u308c\u305f\u8106\u5f31\u6027\u30ea\u30b9\u30c8\u306b\u8ffd\u52a0\u3057\u305f\u3002\n\n\u7c73\u56fd\u306e\u30b5\u30a4\u30d0\u30fc\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30fb\u30a4\u30f3\u30d5\u30e9\u30b9\u30c8\u30e9\u30af\u30c1\u30e3\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u5e81\uff08CISA\uff09\u306f \u3001Microsoft Defender\u306e\u8106\u5f31\u6027\uff08CVE-2026-41940\u3001CVSS\u30b9\u30b3\u30a29.3\uff09 \u3092\u65e2\u77e5\u306e\u60aa\u7528\u3055\u308c\u305f\u8106\u5f31\u6027\uff08KEV\uff09\u30ab\u30bf\u30ed\u30b0\u306b\u8ffd\u52a0\u3057\u307e\u3057\u305f\u3002\n\ncPanel\u306f \u3001\u30b3\u30de\u30f3\u30c9\u30e9\u30a4\u30f3\u30c4\u30fc\u30eb\u3067\u306f\u306a\u304f\u30b0\u30e9\u30d5\u30a3\u30ab\u30eb\u30a4\u30f3\u30bf\u30fc\u30d5\u30a7\u30fc\u30b9\u3092\u901a\u3057\u3066\u30a6\u30a7\u30d6\u30b5\u30a4\u30c8\u3084\u30b5\u30fc\u30d0\u30fc\u3092\u7ba1\u7406\u3067\u304d\u308b\u3001\u5e83\u304f\u5229\u7528\u3055\u308c\u3066\u3044\u308b\u30a6\u30a7\u30d6\u30db\u30b9\u30c6\u30a3\u30f3\u30b0\u306e\u30b3\u30f3\u30c8\u30ed\u30fc\u30eb\u30d1\u30cd\u30eb\u3067\u3059\u3002\n\n\u30b5\u30a4\u30d0\u30fc...", "creation_timestamp": "2026-05-09T21:24:50.034686Z"} 2026-05-09T21:24:50.034686+00:00 https://vulnerability.circl.lu/sighting/902b1c38-48b7-493e-9f35-816a25277d23/export 902b1c38-48b7-493e-9f35-816a25277d23 2026-05-11T06:16:05.290566+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "902b1c38-48b7-493e-9f35-816a25277d23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-41940", "type": "seen", "source": "https://bsky.app/profile/cyberveille-ch.bsky.social/post/3mlham2twiu2k", "content": "\ud83d\udce2 CVE-2026-41940 : Zero-day cPanel exploit\u00e9 64 jours avant divulgation, ransomware et botnet d\u00e9ploy\u00e9s\n\ud83d\udcdd ## \ud83d\uddd3\ufe0f Contexte\n\nArticle publi\u00e9 l\u2026\nhttps://cyberveille.ch/posts/2026-05-09-cve-2026-41940-zero-day-cpanel-exploite-64-jours-avant-divulgation-ransomware-et-botnet-deployes/ #Black_Basta #Cyberveille", "creation_timestamp": "2026-05-09T22:00:26.677511Z"} 2026-05-09T22:00:26.677511+00:00 https://vulnerability.circl.lu/sighting/d17874b7-19ce-4864-a722-cd8db9333dcf/export d17874b7-19ce-4864-a722-cd8db9333dcf 2026-05-11T06:16:05.290469+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "d17874b7-19ce-4864-a722-cd8db9333dcf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41940", "type": "seen", "source": "https://t.me/GithubRedTeam/83664", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a cpsniper\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a 44pie\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Python\n\u2b50 Star\u6570\u91cf\uff1a 0 | \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-05-10 12:58:53\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\ncPanelSniper STABLE - CVE-2026-41940 optimized for 10M+ targets\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-05-10T13:00:04.000000Z"} 2026-05-10T13:00:04+00:00 https://vulnerability.circl.lu/sighting/820bacff-ffbf-436e-b9db-6a26e31c4c28/export 820bacff-ffbf-436e-b9db-6a26e31c4c28 2026-05-11T06:16:05.290342+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "820bacff-ffbf-436e-b9db-6a26e31c4c28", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41940", "type": "seen", "source": "https://t.me/GithubRedTeam/83691", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a cpanel-forensics\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a ngksiva\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Shell\n\u2b50 Star\u6570\u91cf\uff1a 0 | \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-05-10 16:39:14\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\n\u0424\u043e\u0440\u0435\u043d\u0437\u0438\u043a\u0430 \u043f\u043e\u0441\u043b\u0435 CVE-2026-41940 (cPanel/WHM) \u2014 bash-\u0441\u043a\u0440\u0438\u043f\u0442 \u0438 \u0447\u0435\u043a-\u043b\u0438\u0441\u0442\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-05-10T17:00:04.000000Z"} 2026-05-10T17:00:04+00:00 https://vulnerability.circl.lu/sighting/73a26c0a-749e-48e8-a619-e195f1e2a27c/export 73a26c0a-749e-48e8-a619-e195f1e2a27c 2026-05-11T06:16:05.288605+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "73a26c0a-749e-48e8-a619-e195f1e2a27c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41940", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3mljpgindec2g", "content": "\u91cd\u5927\u306acPanel\u8106\u5f31\u6027\u304c\u653f\u5e9c\u304a\u3088\u3073MSP\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u3092\u6a19\u7684\u306b\u3059\u308b\u305f\u3081\u306b\u6b66\u5668\u5316\u3055\u308c\u305f\n\n\u3053\u308c\u307e\u3067\u672a\u77e5\u3067\u3042\u3063\u305f\u8105\u5a01\u30a2\u30af\u30bf\u30fc\u304c\u3001\u6771\u5357\u30a2\u30b8\u30a2\u306e\u653f\u5e9c\u30fb\u8ecd\u4e8b\u6a5f\u95a2\u3092\u6a19\u7684\u306b\u3057\u3001\u30d5\u30a3\u30ea\u30d4\u30f3\u3001\u30e9\u30aa\u30b9\u3001\u30ab\u30ca\u30c0\u3001\u5357\u30a2\u30d5\u30ea\u30ab\u3001\u7c73\u56fd\u306b\u304a\u3051\u308b\u7ba1\u7406\u30b5\u30fc\u30d3\u30b9\u30d7\u30ed\u30d0\u30a4\u30c0\u30fc\uff08MSP\uff09\u3084\u30db\u30b9\u30c6\u30a3\u30f3\u30b0\u30d7\u30ed\u30d0\u30a4\u30c0\u30fc\u306e\u5c0f\u898f\u6a21\u306a\u30af\u30e9\u30b9\u30bf\u30fc\u3068\u5171\u306b\u3001cPanel\u306e\u6700\u8fd1\u516c\u8868\u3055\u308c\u305f\u8106\u5f31\u6027\u3092\u60aa\u7528\u3057\u3066\u3044\u308b\u3053\u3068\u304c\u78ba\u8a8d\u3055\u308c\u3066\u3044\u307e\u3059\u3002\n\n\u3053\u306e\u6d3b\u52d5\u306f\u30012026\u5e745\u67082\u65e5\u306b Ctrl-Alt-Intel \u306b\u3088\u3063\u3066\u691c\u51fa\u3055\u308c\u3001CVE-2026-41940 \u306e\u60aa\u7528\u3092\u4f34\u3063\u3066\u3044\u3059\u3002\u3053\u306e\u8106\u5f31\u6027\u306f cPanel \u304a\u3088\u3073 WebHost Manager (WHM) \u306b\u3042\u308a\u3001\u2026", "creation_timestamp": "2026-05-10T21:31:15.705624Z"} 2026-05-10T21:31:15.705624+00:00