Security
Caddy CVE-2026-45135: FastCGI PHP-FPM Patch Guide
Update Caddy to 2.11.3 or later for CVE-2026-45135, then review PHP-FPM routing, upload paths, logs, and writable web directories.
May 18, 2026
No Comments
Update Caddy to 2.11.3 or later for CVE-2026-45135, then review PHP-FPM routing, upload paths, logs, and writable web directories.
Patch Linux ksmbd for CVE-2026-31718 and CVE-2026-31717, verify SMB exposure, disable unused ksmbd, and reboot into fixed kernels.
A Rocky Linux WHM/cPanel emergency patch and migration guide for existing servers affected by CVE-2026-41940 and CVE-2026-31431.
A practical Ubuntu 24.04 LTS WHM/cPanel patch guide for CVE-2026-41940 and CVE-2026-31431, with apt commands, reboot checks, and service verification.
A step-by-step AlmaLinux WHM and cPanel patch guide for CVE-2026-41940 and CVE-2026-31431, with commands for AlmaLinux 8, 9, and 10.
CVE-2026-31431, also called Copy Fail, is a Linux kernel local privilege escalation that can turn a small foothold into root access on vulnerable systems.
CVE-2026-41940 is a critical cPanel and WHM authentication bypass. Here is who is exposed, what the impact means, and what server owners should do now.
Defensive IIS guidance for Windows Server admins: patch, reduce exposure, review logs, verify web roots, and prepare recovery.
