Regarding ioc_checksessions_files.sh for CVE-2026-41940

Kent Brockman

• May 01, 2026 15:24

Hi there cPRex, I also CC Devon Courtney because he is signing the referenced post at https://support.cpanel.net/hc/en-us/articles/40073787579671-Security-CVE-2026-41940-cPanel-WHM-WP2-Security-Update-04-28-2026

Guys, I just wanted to pinpoint an issue with your script. I noticed you are updating it every day (I set up a change detection monitor on that URL) and although I can see you are improving detections, you can also be sure that we, your customers, would love to see attached to it some sort of versioning and changelog in order to have some awareness regarding if we have analyzed the servers with the latest possible version of the script. So, would you mind adding a basic changelog please?

Thanks in advance and happy Labour Day.
Marcelo

• 

  cPRex Jurassic Moderator

  • May 01, 2026 15:31

  Hey hey!  There's been several asks for this and I've brought it up with the team.  Hopefully that is something that can be added soon!

  0
• 

  Kent Brockman

  • May 02, 2026 16:48

  I've found the new script posted on May 1st. One caveat to remark: don't detail the failed attempts because ALWAYS have been and will be failed attempts. Only list CRITICAL and WARNING ones. Put the SUMMARY at the end for better understanding and UX. 

  0
• 

  cPRex Jurassic Moderator

  • May 04, 2026 02:50

  Thanks for that - I've passed that along to the team!

  1

Please sign in to leave a comment.