CVE-2026-41472 is a critical vulnerability in CyberPanel versions prior to 2.4.4. It allows unauthenticated attackers to inject malicious JavaScript into the AI Scanner dashboard, posing a severe threat to the security and integrity of Linux servers.
The vulnerability is a stored cross-site scripting (XSS) flaw in the POST /api/ai-scanner/callback endpoint. Because the endpoint lacks authentication, attackers can overwrite the findings_json field of ScanHistory records with malicious scripts. When administrators interact with the dashboard, these scripts can execute within their authenticated sessions, leading to potential remote code execution.
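A triage sketch for the flaw described above, added here as an example and not CyberPanel's or BitNinja's code: it counts POSTs to the callback endpoint per client address in an access log and flags markup inside a stored findings_json value. The access-log format, the expected_ips allow-list and all function names are assumptions.

```python
import json
import re
from collections import Counter

CALLBACK_PATH = "/api/ai-scanner/callback"  # endpoint named in the advisory
# Assumption: common/combined access-log format; adjust for your web server.
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<path>\S+)')
# HTML tags, javascript: URLs and inline event handlers do not belong in findings.
MARKUP_RE = re.compile(r"<\s*/?\s*[a-z][^>]*>|javascript\s*:|\bon[a-z]+\s*=", re.I)

def callback_posts(log_lines, expected_ips=()):
    """Count POSTs to the callback endpoint per client IP, skipping expected senders."""
    hits = Counter()
    for line in log_lines:
        m = LOG_RE.match(line)
        if not m or m["method"] != "POST":
            continue
        if m["path"].split("?", 1)[0].rstrip("/") == CALLBACK_PATH and m["ip"] not in expected_ips:
            hits[m["ip"]] += 1
    return hits

def suspicious_strings(findings_json):
    """Return (json_path, value) for each string in findings_json containing markup."""
    found = []
    def walk(node, path):
        if isinstance(node, dict):
            for key, value in node.items():
                walk(value, f"{path}.{key}")
        elif isinstance(node, list):
            for i, value in enumerate(node):
                walk(value, f"{path}[{i}]")
        elif isinstance(node, str) and MARKUP_RE.search(node):
            found.append((path, node))
    try:
        walk(json.loads(findings_json), "$")
    except (TypeError, ValueError):
        found.append(("$", "unparseable findings_json"))
    return found

# Constructed sample data (documentation IP ranges, not from a real incident).
SAMPLE_LOG = [
    '198.51.100.7 - - [01/Jan/2026:10:00:00 +0000] "POST /api/ai-scanner/callback HTTP/1.1" 200 15',
    '203.0.113.9 - - [01/Jan/2026:10:06:00 +0000] "GET /api/ai-scanner/callback HTTP/1.1" 405 0',
]
SAMPLE_FINDINGS = '[{"file": "index.php", "note": "<script>/* constructed */</script>"}]'

if __name__ == "__main__":
    print(dict(callback_posts(SAMPLE_LOG)))
    print(suspicious_strings(SAMPLE_FINDINGS))
```

Any address reported by callback_posts that is not a known scanner source, and any path reported by suspicious_strings, marks a record to review before an administrator opens it in the dashboard.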
Server administrators and hosting providers should treat this vulnerability as a severe threat to server security. If exploited, the XSS vulnerability could lead to unauthorized access and control over affected systems. Exploitation can result in data breaches, unauthorized data manipulation, or even service outages, significantly impacting business operations and client trust.
To protect infrastructures, administrators should undertake the following actions:
Now is the time to act. Strengthen your server security against XSS and other threats. Utilizing a solution like BitNinja can provide enhanced protection through its web application firewall and advanced malware detection capabilities. Sign up for a free 7-day trial today, and take essential steps to secure your infrastructure.




