CVE-2026-31431 (Copy Fail) is a Linux kernel local privilege escalation vulnerability in the algif_aead module (AF_ALG). Any unprivileged local user can gain root via a 732-byte Python exploit. All kernels since 2017 are affected.

CVE-2026-31431 (Copy Fail) is a Linux kernel local privilege escalation in the algif_aead module (AF_ALG). Any unprivileged local user can gain root via a 732-byte Python exploit. All Linux kernels since 2017 are affected.

CloudLinux now supports cgroup v2 on CloudLinux 8, 9, 10, and Ubuntu 22. New installations of CloudLinux 10 following this release will use cgroup v2 by default. On all other versions, cgroup v1 remains the default, and you can switch to v2 when you're ready.

From a day-to-day operations standpoint, practically nothing changes. Your LVE limits, control panel interface, and resource monitoring all continue to work the same way.

As we enter 2026, the hosting industry faces a familiar but intensifying challenge. In the 2026 Web Hosting Trends Report, produced by CloudLinux together with our partner WebPros, around 65% of hosting providers reported revenue growth in 2025. But that growth is getting harder to keep.

In January, we launched the beta of Per-Site CageFS Isolates as the first phase of our CloudLinux Isolates project, introducing file system isolation between websites within the same hosting account.

Today, we're delivering Phase 2 with two significant additions: Per-Site PHP Selector, which lets each isolated website run its own PHP version and extensions, and a new self-service activation model that gives hosting providers granular control over who can use Isolates and lets end users manage isolation for their own domains.

The VPS hosting market is booming, projected to grow from $5.1 billion in 2024 to $14.1 billion by 2033, but there's a troubling reality behind these impressive numbers: profit margins are under siege.

Updated February 26, 2026: This article has been updated to reflect changes introduced in Phase 2 of CloudLinux Isolates. Key changes: --site-isolation-allow command has been renamed to --site-isolation-allow-all; end users can now enable isolation for their own domains (previously admin-only). See the Phase 2 announcement for full details.

Update on Feb 5, 2026: Added details about partial PHP-FPM support.

We are announcing the beta release of Per-Site CageFS Isolates, a new feature designed to enhance security within multi-site accounts. Available at no additional cost to existing CloudLinux customers, this release marks the first phase of our comprehensive CloudLinux Isolates project.

CloudLinux Product Pulse is a new webinar series designed to give our customers and partners an opportunity to hear directly from CloudLinux leadership and product experts the highlights of recent releases, what’s coming next in the product pipeline, and how we are enabling customers to build secure and profitable hosting businesses.

CloudLinux is implementing a pricing adjustment for CloudLinux OS Legacy licenses. Beginning January 1, 2026, pricing will increase by 5% per server, per month.

MAx Web Server version 1.3-14/15 delivers significant improvements to Apache-to-NGINX conversion accuracy, configuration processing, and system stability. This update focuses on enhancing compatibility and ensuring higher reliability in production environments.