New cPanel patch addresses CRLF injection flaw that could grant root server access

The vulnerability has been given a severity score of 9,8, and administrators should patch immediately.
Martin Cid Magazine

A new cPanel bug let attackers walk into 70 million websites without a password

A critical authentication bypass in cPanel and WHM let attackers walk through the front door of any internet-facing control ...

cPanel, WHM emergency update fixes critical auth bypass bug

A critical vulnerability affecting all but the latest versions of cPanel and the WebHost Manager (WHM) dashboard could be ...