Contabo incident

cPanel/WHM vulnerability (CVE-2026-41940)

Minor Resolved View vendor source →

Contabo experienced a minor incident on May 8, 2026, lasting 5d 9h. The incident has been resolved; the full update timeline is below.

Started
May 08, 2026, 03:21 AM UTC
Resolved
May 13, 2026, 01:14 PM UTC
Duration
5d 9h
Detected by Pingoru
May 08, 2026, 03:21 AM UTC

Update timeline

  1. monitoring May 05, 2026, 09:59 AM UTC

    Description The cPanel/WHM vulnerability (CVE-2026-41940) is considered critical and may allow unauthorized access to servers without valid login credentials, even when Two-Factor Authentication (2FA) is enabled. For additional details and recommended actions, please refer to the guide we have prepared. https://help.contabo.com/en/support/solutions/articles/103000400313-cpanel-whm-vulnerability-cve-2026-41940-immediate-recovery-and-protection-guide Estimated duration 0 minutes