Kubernetes will correct older unfixed CVE records on June 1, 2026. Use this checklist to triage scanner alerts without mistaking configuration risks for simple patch gaps.
PHP 8.5.6, 8.4.21, 8.3.31, and 8.2.31 are security releases. Use this hosting checklist for cPanel, Plesk, WordPress, WooCommerce, and PHP-FPM updates.
Updated June 2: cPanel & WHM v136 now includes 136.0.18/136.0.19 fixes for Exim, Template Toolkit, Roundcube, AlmaLinux 10 MySQL Tools, and 2FA login loops.
Serve HLS playlists and video segments with Nginx, set the right MIME types, plan cache behavior, and understand when NGINX Plus or a streaming module is needed.
Install Certbot for Nginx, request a Let’s Encrypt certificate, test renewal, reload safely, and avoid common hosting-panel mistakes.
CISA added PAN-OS CVE-2026-0257 to KEV after limited exploit attempts. Check GlobalProtect authentication override cookies, mitigate, patch, and verify VPN logs.
WooCommerce AI Product Advisor is available as a public beta. Use this install, privacy, review, and rollback checklist before testing it on a store.
WP Maps Pro CVE-2026-8732 is a critical unauthenticated admin account creation flaw. Update to 6.1.1+, review admin users, and verify site changes.
WordPress 7.0 has a publishing panel hotfix path for Classic Editor and affected custom publishing workflows. Update Classic Editor to 1.7.0 or use Hotfix 1.4 where needed, then verify publishing.
LiteSpeed Cache CVE-2026-3375 is patched in 7.8. Update the WordPress plugin, check CSS optimization settings, purge cache, and verify CDN origin exposure.
