It's no secret that, in light of recent AI developments, concerns about security across open- and closed-source software are growing.

In response, we are excited to introduce Server Patch Management on RunCloud.

Our new Patch Manager brings publicly available patches into a single, manageable interface within your RunCloud dashboard. Instead of manually logging into each server to check for and apply updates, you can now see which servers need attention and apply patches in bulk, all from one place.

Learn More: How to Use Patch Manager in RunCloud

What's New

Patch Manager is now available under Settings in your Workspace and Personal Space, giving you a centralized view of available patches across all your servers.

See exactly which servers need attention: Each patch shows only the servers that match its criteria across OS, web server type, architecture, and more. No more guessing which of your servers are affected by a given vulnerability.

• Eligible server filtering: When you select a patch, only servers that match its criteria (OS, web server type, architecture, etc.) are shown. Servers that don't need the patch or are already patched are automatically excluded, so there's no guesswork involved.
• Bulk patch application: Select multiple eligible servers at once and apply patches in a single action. Acknowledge any reboot requirements and proceed on your schedule.
• Real-time status tracking: Watch each server progress through the patch lifecycle (Not Applied, In Progress, Patched, or Failed) with live updates. Navigate away and come back anytime; status is tracked per server.
• Clear visibility: Every patch explains why certain servers appear (and others don't), with a summary like "3 of 12 total servers match this patch." You'll always know what needs action and what doesn't.
• Audit trail: Every patch applied is logged, including what was applied, when, and by whom.

Where to find it

Navigate to Settings > Patch Manager to see available patches for your servers: 

Note: Patch Manager surfaces publicly available patches from upstream sources and provides a structured way to apply them via RunCloud. It is not a vulnerability research or custom patching tool.

What’s New

• Fix: Resolved an issue with ModSecurity configs failing to clone correctly.
• Improvement: Added a recovery notification for the autohealing process.

Deployment Information
This update will automatically roll out to all compatible servers within 72 hours.

• No action is required.
• The update installs seamlessly in the background.

RunCloud AI Monitoring continuously analyzes your server's activity to detect anomalies, classify severity, diagnose root causes, and surface remediation steps you can act on immediately.

Note: As AI Monitoring is still in beta, we recommend enabling it on test or non-production servers first. We're actively refining data handling and privacy documentation, which will be published ahead of general availability.

How It Works

• Read-only by design. RunCloud AI observes your server and provides insights. It never runs commands or makes changes automatically. 
• You stay in control. Any suggested commands & next steps are for you to review and run manually. 
• AI isn’t perfect. Recommendations may be incomplete or incorrect. Always verify before making changes.

Learn more in our documentation ->

How to Enable AI Monitoring

AI Monitoring can be enabled by navigating to your server of choice and looking for the new Install RunCloud AI option, as shown below: 

You'll see a one-time consent modal explaining how RunCloud works. Accept the terms, and then click Enable AI Monitoring to enable AI Monitoring on this server.

RunCloud Agent v2.17.12 (Patch)

What’s New

• Fix: Resolved an issue wp-config are not properly updated during cloning.

Deployment Information
This update will automatically roll out to all compatible servers within 72 hours.

• No action is required.
• The update installs seamlessly in the background.

PHP Updates Now Available for NGINX

• PHP 8.5.7
• PHP 8.4.22
• PHP 8.3.31
• PHP 8.2.31

Note: If your server runs on OpenLiteSpeed, RunCloud does not handle PHP version updates. However, once a PHP version update becomes available for OpenLiteSpeed, it should also be automatically available on your server(s).

RunCache has now rolled out to all production accounts as a beta.

How to Get Access to the RunCache Beta

To get started, ensure your server is running RunCloud Agent 2.17.10 (or later). From there, navigate to your web application(s) of choice and to the Performance (Beta) tab, or if you already have RunCloud Hub installed, to the RunCloud Hub tab, where you will be prompted to upgrade eligible web applications.

We look forward to any & all feedback. 🙌

I’m new to RunCache, tell me more…

TL;DR – RunCache is the next generation of RunCloud Hub. 

RunCache is a unified caching solution for WordPress that combines full-page caching, object caching, and edge caching in a single plugin. Here’s an overview: 

• Full-page, object, and edge caching in one plugin: No more relying on multiple caching plugins and server rules. One dashboard, one config.
• Smart auto-purging: Cache refreshes automatically on publish/update. WooCommerce hooks handle real-time invalidation for product, stock, and price changes.
• WooCommerce-ready out of the box: Cart, checkout, and account pages are automatically excluded. Product and category pages are cached for speed but instantly purged when content changes. No manual exclusions required.
• Cloudflare Edge Caching integration: Deliver content instantly worldwide with built-in edge caching support.
• Works with your existing stack: Fully supported on Apache and NGINX with FastCGI. Redis integration for native object and page cache. Multisite ready. WP-CLI support. 100% compatible with RunCloud and beyond.

What’s New

• Upgraded OpenLiteSpeed to v1.9.0

• Includes upstream stability improvements and bug fixes

This release incorporates fixes from the official OpenLiteSpeed 1.9.x branch, focusing on performance improvements, security fixes, and more.

For full upstream details, refer to the OpenLiteSpeed 1.9.x release log.

Deployment Information

• Automatic updates will roll out to all compatible servers within 72 hours
• No action required from users for the update process

What’s New

• Improvement: Upgrade the agent's cron job storage mechanism for better stability.

Deployment Information

This update will automatically roll out to all compatible servers within 72 hours.

• No action is required.
• The update installs seamlessly in the background.

What’s New

• RC Agent has been updated to support the RunCache (Native) beta. RunCache (Native) is currently available by invitation only as part of our beta testing program (more details coming soon). 

Deployment Information

This update will automatically roll out to all compatible servers within 72 hours.

• No action is required.
• The update installs seamlessly in the background.

What’s New

• Fixed: Firewall-related errors when modifying rules. 
• Improvement: Agent health reporting to eliminate false error alerts during server restarts. 

Deployment Information

This update will automatically roll out to all compatible servers within 72 hours.

• No action is required.
• The update installs seamlessly in the background.

This release updates Apache HTTP Server to v2.4.67, addressing multiple security vulnerabilities and shipping dependency upgrades.

Security Fixes

• CVE-2026-34059: Heap over-read and memory disclosure in mod_proxy_ajp via ajp_parse_data()
• CVE-2026-34032: Heap buffer over-read in mod_proxy_ajp due to missing null-termination check in ajp_msg_get_string()
• CVE-2026-33857: Off-by-one out-of-bounds reads in AJP getter functions (mod_proxy_ajp)
• CVE-2026-33523: HTTP response splitting via malicious status line forwarding across multiple modules
• CVE-2026-33007: Crash in mod_authn_socache via NULL pointer dereference (forward proxy configurations)
• CVE-2026-33006: Timing attack bypass against mod_auth_digest authentication
• CVE-2026-29169: Crash via NULL pointer dereference in mod_dav_lock (indirect lock handling)
• CVE-2026-29168: Unrestricted OCSP response processing in mod_md (resource exhaustion)
• CVE-2026-28780: Heap-based buffer overflow in mod_proxy_ajp via ajp_msg_check_header()
• CVE-2026-24072: Privilege escalation via ap_expr in mod_rewrite (.htaccess)
• CVE-2026-23918: Double free and possible RCE in HTTP/2 on early stream reset

Module updates:

• mod_md updated to v2.6.10 (fixes ARI compatibility, OCSP handling, and certificate renewal reliability)
• mod_http2 updated to v2.0.39 (removes custom memory allocator that caused issues with third-party modules; fixes double-free on stream purge)

Fixed

• Resolved missing ${SRVROOT} entries in conf\extra\httpd-ssl.conf