EasyApache 4 v25.49 Released with Valkey Security Fixes

cpanel

The latest version of EasyApache 4 v25.49 is now available. The update introduces security fixes and upgrades Valkey 7.2 to a newer version. As a result, server administrators running cPanel & WHM environments can improve both stability and security.

Valkey Updated to Version 7.2.12

In this release, developers upgraded Valkey 7.2 from version 7.2.11 to 7.2.12. This update includes important security patches and stability improvements. Therefore, servers running Valkey services can operate more securely.

Valkey functions as an in-memory data store similar to Redis. Many hosting environments use it for caching, session storage, and fast data access. Because of this, regular updates play an important role in protecting server infrastructure.

Security Vulnerabilities Fixed

This EasyApache release also resolves two security vulnerabilities affecting Valkey. These fixes help prevent potential attacks that could disrupt services.

CVE-2026-21863 – Remote Denial of Service

First, the update fixes CVE-2026-21863, which relates to a remote denial-of-service (DoS) vulnerability.

The issue occurs when a system processes malformed Valkey Cluster bus messages. In some cases, attackers could exploit this flaw to disrupt communication between cluster nodes. Consequently, affected systems might experience service interruptions.

After applying the update, servers can properly handle these malformed messages and prevent the attack scenario.

CVE-2025-67733 – RESP Protocol Injection

In addition, the update resolves CVE-2025-67733, which involves RESP protocol injection via Lua error_reply.

This vulnerability allows specially crafted responses to manipulate protocol behavior. As a result, attackers could potentially influence command responses in certain conditions.

However, Valkey 7.2.12 corrects this issue and strengthens protocol handling. Therefore, administrators should update their systems to avoid possible exploitation.

Security updates remain essential for maintaining a safe hosting environment. Outdated components often expose servers to known vulnerabilities. Therefore, administrators should apply updates as soon as possible.

EasyApache 4 v25.49 helps protect servers by delivering the latest Valkey fixes. In addition, the update improves overall reliability for systems that rely on Valkey services.

Administrators can review the complete list of changes in the official EasyApache change log before applying the update.

Click below and ‘share’ this article!