• Freitag, Juli 10, 2026

On 9 July 2026, two high-severity Linux kernel vulnerabilities were publicly disclosed: Januscape (CVE-2026-53359), a KVM guest-to-host escape affecting both Intel and AMD systems, and Bad Epoll (CVE-2026-46242), a local privilege escalation with a public proof-of-concept exploit.

We treated both with the highest priority. Our entire virtualization infrastructure was patched immediately after the fixes became available, and all hypervisor nodes are now running fully updated, hardened kernels. There is no indication that either vulnerability was exploited on our platform, and customer data was not at risk at any point.

We recommend that customers also update the operating systems inside their own VPS and dedicated servers, as Bad Epoll affects guest systems independently of the host. For most distributions, a standard package update followed by a reboot is sufficient.

 

Security patching of this kind is part of our standing commitment to keeping your services safe. If you have questions, please open a ticket with our support team.