May 29th, 2026 Update: We have now completed all Kernel and cPanel Patches on our server up to date. We will continue to monitor for further vulnerabilities and critical security issues that require immediate patching.
The following patches concluded:
• Dirty Frag: Linux kernel vulnerability affecting memory handling mechanisms which may allow local privilege escalation
• CVE-2026-31431 (“CopyFail”): Affects Linux systems and may allow privilege escalation
• CVE-2026-41940: cPanel API vulnerability that may allow unauthenticated remote access
• CVE-2026-23918: cPanel EA4 vulnerability
• CVE-2026-40684 to CVE-2026-40687: Exim vulnerabilities
For additional details, please refer to the following resources:
• Dirty Frag advisory:
Dirty Frag Vulnerability Report
• CopyFail advisory:
AlmaLinux CopyFail Advisory
• Kernel changelog:
AlmaLinux Kernel Changelog
• cPanel vulnerability advisory:
Canadian Centre for Cyber Security Advisory AL26-008
• EA4 security notice:
cPanel EA4 Security Notice
• Exim security notice:
cPanel Exim Security Notice
May 7, 2026:
For more information about these vulnerabilities:
The update process started on the morning of April 29th, 2026 and will continue through to May 1st, 2026.
We appreciate your patience while running this maintenance. Your solution security is paramount to us and we'll take all the steps necessary to help protect your digital presence.
