CVE-2026-49261 scores CVSS 10.0 and allows unauthenticated RCE in MariaDB Galera Cluster deployments. Standalone installations are not affected. Patches shipped May 27.
Category: Security
Single-connection HTTP/2 attack crashes web servers. nginx is patched today; Apache's fix has not reached distribution package managers.
A dataset allegedly from Home.pl, Poland's largest hosting provider, is being advertised on a cybercrime forum. We analyze the schema and what it means for 300,000+ customers.
A cPanel zero-day hit Guam. CISA got breached through Ivanti. Salt Typhoon accessed US wiretap systems. The case file of government breaches.
LiteSpeed cPanel Plugin CVE-2026-48172 (CVSS 10.0) lets any cPanel user execute scripts as root. Actively exploited. Patch to 2.4.7 now.
A FunnelKit vulnerability is being actively exploited to steal card data from WooCommerce checkouts. Every customer who paid on a compromised store is affected. Patch to 3.15.0.3 now.
4VPS was breached on May 2. Two days later, The Gentlemen ransomware group's backend was leaked, exposing victim lists, ransom negotiations, and attack tooling.
Skynethosting took its entire cPanel fleet offline on May 1 in response to CVE-2026-41940, and as of May 14 some customer servers had been down for nearly two weeks, with one reseller publicly reporting a 30 percent client loss during the outage.
William Bowling of V12 Security disclosed Fragnesia on May 13, 2026, a Linux kernel privilege escalation that allows an unprivileged local attacker to reach root by corrupting the kernel page cache through the XFRM ESP-in-TCP subsystem.
A flaw sitting in nginx since 2008 was patched on May 13, 2026. CVSS 9.2, unauthenticated, and present in the default rewrite module.