https://enhance.com/support/release-notes
Security
- Due to the recent local privilege escalation (LPE) vulnerabilities in the Linux kernel targetting setuid binaries (CVE-2026-43284, CVE-2026-43500, CVE-2026-31431, etc), this release now hides known setuid binaries from website containers. This does not make your system immune to such vulnerabilities but it does limit potential attack vectors and would frustrate any attacks originating from a compromised CMS or a malicious customer.
- This provides no protection from attacks originating from a non-Enhance user or from a remote code execution (RCE) in software which does not run within an Enhance website container.
- This does not negate the need to keep your system up to date or to apply any temporarily mitigations to current or future LPE vulnerabilities.
- To benefit from this change, you must reboot the system after installing the updated Enhance packages.
