Cyber Signal — OpenWatch

CISA added CVE-2026-41940, a missing authentication vulnerability in WebPros cPanel & WHM and WP2 (WordPress Squared), to its Known Exploited Vulnerabilities Catalog based on active exploitation evidence. The vulnerability is classified as a critical function bypass and represents a frequent attack vector for malicious actors. CISA urges all organizations to prioritize remediation as part of their vulnerability management practices, with federal agencies required to remediate by applicable due dates under BOD 22-01.

Original (en)

CISA has added one new vulnerability to its  Known Exploited Vulnerabilities (KEV) Catalog , based on evidence of active exploitation.  CVE-2026-41940  WebPros cPanel & WHM and WP2 (WordPress Squared) Missing Authentication for Critical Function Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the KEV Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.  Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of KEV Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria . 

Published

Apr 30, 2026, 06:00 PM UTC

13d ago

Significance

7.5/ 10

Source

CISA Current Activity

core tier · rss

Entities Detected

· click + to track

li><aKEVcPanel &ampWHMWordPress SquaredCommon Vulnerabilities and ExposuresFederal Civilian Executive BranchFCEBCISAMali

Read source article →

Related Signals

Cyber

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog based on evidence of active exploitation: CVE-2024-1708 (ConnectWise ScreenConnect Path Traversal) and CVE-2026-32202 (Microsoft Windows Protection Mechanism Failure). CISA urges all organizations to prioritize timely remediation of KEV Catalog vulnerabilities as part of their vulnerability management practices, as these represent significant active threats to enterprise security.

CISA Current Activity·15d ago

Cyber

CISA has added CVE-2026-33825, a Microsoft Defender Insufficient Granularity of Access Control Vulnerability, to its Known Exploited Vulnerabilities Catalog based on evidence of active exploitation. This vulnerability type is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise. CISA urges all organizations to prioritize remediation of KEV Catalog vulnerabilities as part of their vulnerability management practices.

CISA Current Activity·21d ago

Cyber

CISA has added CVE-2026-39987 (Marimo Remote Code Execution Vulnerability) to its Known Exploited Vulnerabilities Catalog based on evidence of active exploitation. Federal agencies are required to remediate by established deadlines under BOD 22-01, while CISA urges all organizations to prioritize remediation of KEV Catalog vulnerabilities as part of their vulnerability management practices.

Related Investment Themes

🧠

AI Chip Bottleneck

Compute demand doubling every 6-9mo · supply chain cannot scale

OPP 🛡

US Defense Surge

Bipartisan spending surge · NATO rebuild · multi-year contract pipeline

OPP 🔌

Taiwan Semiconductor Risk

Taiwan Strait chokepoint · 90% of advanced logic chips at risk

RISK

Signal ID: 4c0e2e8b…openwatch.io →