We would like to inform you about recently disclosed critical security vulnerabilities affecting cPanel/WHM and Linux-based operating systems.
cPanel / WHM Security Update
A critical vulnerability (CVE-2026-41940) was identified in cPanel & WHM that could potentially allow authentication bypass and unauthorized root-level access.
Our Action:
All Broodle servers have already been successfully updated to the latest secure version, and necessary mitigation steps have been applied. Your hosting environment is fully secured against this vulnerability.
Advisory:
https://support.cpanel.net/hc/en-us/articles/40073787579671-cPanel-WHM-Security-Update-04-28-2026
Linux Kernel Security Update
A separate critical vulnerability (CVE-2026-31431) has been discovered in the Linux kernel, impacting systems running distributions such as CloudLinux, AlmaLinux, and Ubuntu.
This issue may allow unauthorized root access if systems are not updated.
Our Action:
All managed infrastructure under Broodle Host has been patched and secured against this vulnerability.
Important for VPS / Dedicated Server Users:
If you manage your own server, we strongly recommend updating your system immediately:
yum update -y # CloudLinux / AlmaLinux
apt update && apt upgrade -y # Ubuntu
Details & guide:
https://blog.cloudlinux.com/cve-2026-31431-copy-fail-kernel-update
Important Note
This Linux vulnerability originates from the upstream operating system and is not related to Broodle services or infrastructure.
Summary
- All Wloud hosting and WordPress hosting servers are already updated and secure
- No action is required for Cloud and WordPress hosting users
- Self-managed server users should update immediately
Wednesday, April 29, 2026
