New: AI Workforce - waiting list open →

    Written by Magento engineers

    Magento Hosting Insights

    Plain-English guides on Magento server requirements, performance and upgrades — written by the engineers who build and maintain the infrastructure.

    Deadline11 July 2026 · 10 min read

    Magento 2.4.6 End of Life: Decide Before 11 August 2026

    Regular support for Magento 2.4.6 ends 11 August — then no more security patches, ever. Your realistic options are 2.4.8 or 2.4.9. Here's how to choose and what the timeline looks like.

    Read the guide →
    Security11 July 2026 · 8 min read

    Bad Epoll (CVE-2026-46242): Root via the Machinery Under Every Web Server

    A race condition in the Linux epoll subsystem — the code nginx and PHP-FPM stand on — lets an unprivileged user become root. Kernels 5.10–6.11 affected. Here's what to check.

    Read the advisory →
    Security11 July 2026 · 8 min read

    Januscape (CVE-2026-53359): The KVM Escape That Threatens VPS-Hosted Stores

    A 16-year-old KVM flaw lets a virtual machine escape to its host — root over every VPS on the box, including yours. Patching inside your VPS isn't enough; here's what to ask your host.

    Read the advisory →
    Security11 July 2026 · 7 min read

    PHP DoS Flaws (CVE-2026-12184 & CVE-2026-14355): Update Your Magento PHP

    A failed TLS handshake can now crash the PHP running your store — and take the whole PHP-FPM pool with it. Fixed in PHP 8.2.32 / 8.3.32 / 8.4.23 / 8.5.8. Here's how to check yours.

    Read the advisory →
    Security10 June 2026 · 7 min read

    The Linux Kernel Exploit That Puts Shared Magento Hosting at Risk

    A working exploit for CVE-2026-23111 is now public — local root plus container escape on multi-tenant hosts. Here's who's exposed and what to do.

    Read the analysis →
    Security10 June 2026 · 5 min read

    Critical Mirasvit Cache Warmer RCE — Patch Now

    CVE-2026-45247 is a CVSS 9.8 unauthenticated RCE on CISA's actively-exploited list. If you run Mirasvit Full Page Cache Warmer below 1.11.12, here's what to do.

    Read more →
    Security Alert17 May 2026 · 6 min read

    Adobe Commerce Security Patches May 2026 (APSB26-49)

    Adobe patched critical vulnerabilities in Magento Open Source and Adobe Commerce on 15 May. Arbitrary code execution is on the list. No exploits in the wild yet — but that window closes fast.

    Read the alert →
    Upgrade Guide18 May 2026 · 8 min read

    Is Your Host Ready for Magento 2.4.9?

    PHP 8.3 dropped, MySQL 8.0 gone, Redis replaced by Valkey 8, OpenSearch 3.0 required. Six breaking infrastructure changes — here's the full checklist.

    Read the guide →
    Release14 May 2026 · 10 min read

    Magento 2.4.9 GA: Redis to Valkey, OpenSearch 3 — UK Upgrade Guide

    Magento 2.4.9 reached GA on 12 May 2026. The headline change: Valkey replaces Redis as the official cache. Plus OpenSearch 3, PHP 8.4, MySQL 8.4. UK store owner's upgrade checklist.

    Read the guide →
    Security Advisory14 May 2026 · 8 min read

    Fragnesia (CVE-2026-46300): What UK Magento Store Owners Need to Know

    A new Linux kernel privilege-escalation bug lets attackers chain a Magento webshell into full root access. Patches are rolling out now. Here's how to check if you're covered.

    Read the advisory →
    Security Update8 May 2026 · 5 min read

    EveryHost Ready to Apply Latest cPanel & WHM Security Updates

    EveryHost is preparing to apply patches for CVE-2026-29201, CVE-2026-29202 and CVE-2026-29203. Here's what managed customers need to know.

    Read the update →
    Security AlertMay 2026 · 8 min read

    CVE-2026-31431 “Copy Fail”: What Magento Store Owners Need to Know

    A new Linux kernel vulnerability gives attackers root access in 732 bytes. On shared hosting, one compromised account means every tenant is exposed. Here's what to do.

    Read the alert →
    Security AlertApril 2026 · 7 min read

    CVE-2026-41940: The cPanel Exploit That Could Delete Your Backups

    A critical authentication bypass in cPanel gave attackers root access to millions of servers — and the backups stored on them. Here's what Magento merchants need to know.

    Read the alert →
    PerformanceMay 2026 · 7 min read

    Magento Hyva Theme Hosting — What You Actually Need

    Hyva eliminates the browser bottleneck — so your server stack becomes the performance ceiling. Here's what changes when you migrate from Luma.

    Read the guide →
    UrgentApril 2026 · 5 min read

    KubeServers Is Closing — What Magento Merchants Need to Do

    KubeServers has confirmed it is shutting down. If you're a Magento merchant hosted with them, here's what happens next and how to migrate safely.

    Read the guide →
    GuideFeb 2026 · 6 min read

    Magento Dedicated Hosting UK (2026 Guide)

    A practical guide to Magento dedicated hosting in the UK: performance stack, prerequisites, and how to choose the right server.

    Read the guide →
    ChecklistFeb 2026 · 8 min read

    Magento Dedicated Hosting Buyer's Checklist (UK)

    A practical checklist to compare dedicated Magento hosting providers on hardware, stack, operations and security.

    Read the guide →
    OperationsFeb 2026 · 5 min read

    Adobe Commerce Patch Cadence: Planning Maintenance Windows Without Downtime Surprises

    Plan Magento patching around Adobe's schedule with a repeatable checklist for staging and production.

    Read the guide →
    SecurityFeb 2026 · 4 min read

    Magento Security Patch Releases Explained: What "-pN" Means and How to Apply Safely

    What security patch lines are, what to test, and the operational steps that reduce risk on live stores.

    Read the guide →
    Upgrade GuideFeb 2026 · 4 min read

    Adobe Commerce Versioning Policy: Major vs Minor vs Patch and How to Upgrade With Minimal Risk

    A clear guide to release types and a low-drama upgrade strategy that respects dependencies and extensions.

    Read the guide →

    Need a server that matches your Magento stack?

    Our engineers spec and manage dedicated Magento servers — NGINX, Varnish, OpenSearch, Valkey. No shared hosting. No tickets to level one support.