Free Online Tool

cPanel CVE Checker

Enter a public hostname. We look for cPanel/WHM fingerprints and .sorry ransomware indicators — then point you to the right self-check guides.

All-in-one check 41940 guide
Passive external check — no cPanel login.

Tracked cPanel CVEs

  • CVE-2026-41940 — pre-auth CRLF, CISA KEV, .sorry ransomware
  • CVE-2026-48172 — Redis socket local root escalation
  • May 8 TSR cluster — emergency patches CVE-2026-29201/29202/29203