
NGINX 1.31.2 and 1.30.3 Security Update: Hosting Checklist
Patch NGINX 1.31.2 or 1.30.3 for June 2026 security fixes. Check HTTP/3, proxy and gRPC paths, charset handling, config validation, safe reloads, logs, CDN behavior, and rollback planning.

Patch NGINX 1.31.2 or 1.30.3 for June 2026 security fixes. Check HTTP/3, proxy and gRPC paths, charset handling, config validation, safe reloads, logs, CDN behavior, and rollback planning.

Update Docker Desktop for CVE-2026-5843 and recent Docker Model Runner fixes. Check admin workstations, homelab systems, and support laptops.

YellowKey CVE-2026-45585 is a Windows BitLocker security feature bypass affecting Windows 11 and Windows Server 2025. Check WinRE, BitLocker, and patch plans now.

Update Caddy to 2.11.3 or later for CVE-2026-45135, then review PHP-FPM routing, upload paths, logs, and writable web directories.

Patch Kubernetes SMB CSI Driver CVE-2026-3865 to v1.20.1+, restrict PersistentVolume creation, review SMB exports, and verify backups.

Windows Secure Boot certificates from 2011 begin expiring in June 2026. Patch, reboot, verify, and stage server rollout safely.

Patch Linux ksmbd for CVE-2026-31718 and CVE-2026-31717, verify SMB exposure, disable unused ksmbd, and reboot into fixed kernels.