As always... there is a
new critical security vulnerability in CWP:
https://www.cve.org/CVERecord?id=CVE-2026-57517https://ccb.belgium.be/advisories/warning-cve-2026-57517-cvss-98-blind-sql-injection-control-web-panel-letsNo info about it.Along side, there are multiple updates done in the past few days with critical changes - and bugs - and NO ONE says anything about this.
There is a bug that wipe all the SSH keys on the servers - no dev says anything.
There is a CVE for a critical security issue - was silently patch and no one says nothing.
There is a new script that do whatever it does in any server, looking for a mysterious SSH key... and
no info is provided about what is or what happend...
And of course: the forums are always down so no one can report anything. And the "excuse" is that is under a DDoS attack - of course, that is a excuse, since there is NO attack, and is a misconfigured server.
Along that:
Multiple updates with no changelog. Nothing. We only see numbers increase... and nothing being said about what is new, what changed or what was fixed. Silence.
Multiple bugs, introduced by the multiple updates without changelog, that have no fix.
And still, there are the same people here in the forum that defend everything, and say that the issue "is not CWP, is toxic user X or Y", or "everything is fine"...
Clearly, this is not fine. CWP have issues,
for months. For months there have been reports and users telling that they just want to know what is happening...
We just want to hear: What is going on??And still: no dev answers. Just the same users - most of them in a bubble that "everything is fine" - and providing danger info to any user that still is around here looking to know what is going on...