A critical authentication-bypass vulnerability in cPanel is now under active exploitation, with multiple proof-of-concept exploits emerging shortly after disclosure. The situation is particularly concerning as one researcher claims the flaw may have been exploited as a zero-day for at least a month before it became publicly known. The vulnerability threatens millions of systems that rely on cPanel, one of the most widely-used web hosting control panels.