Liquid Web incident

Security Advisory: Linux Privilege Escalation Vulnerability (CVE-2026-31431)

Major Resolved View vendor source →

Liquid Web experienced a major incident on May 11, 2026 affecting Cloud Dedicated and Cloud VPS Hosting and 1 more component, lasting 25d 23h. The incident has been resolved; the full update timeline is below.

Started
May 11, 2026, 10:12 PM UTC
Resolved
Jun 06, 2026, 09:50 PM UTC
Duration
25d 23h
Detected by Pingoru
May 11, 2026, 10:12 PM UTC

Affected components

Cloud DedicatedCloud VPS HostingCPanel

Update timeline

  1. identified May 11, 2026, 10:12 PM UTC

    A recently disclosed Linux vulnerability (CVE-2026-31431), sometimes referred to as “Copy Fail,” affects certain Linux distributions and may allow a local, unprivileged user to escalate privileges under specific conditions. This issue has been classified as high severity. Status Our security and operations teams have completed an assessment of our infrastructure and have applied all relevant vendor patches and mitigations to affected systems. Impact No evidence of exploitation has been identified within our environment Systems under our management have been patched or otherwise mitigated Customer Guidance Customers managing their own systems or using unmanaged services should ensure they have applied the latest security updates provided by their Linux distribution and review any related vendor advisories. We will continue monitoring this vulnerability and will provide updates if new information becomes available.

  2. resolved Jun 06, 2026, 09:50 PM UTC

    This incident has been resolved.