Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Watchlists Beta Browse News Feed Stats About Contact

CISA KEV mitigation for LiteSpeed cPanel Plugin (CVE-2026-54420)

Advisory/Mitigation
First reported
Last updated
Happening score
H score 34
1 unique sources, 1 articles

Summary

Hide ▲

CISA put CVE-2026-54420 in LiteSpeed cPanel Plugin on the KEV catalog, ordering FCEB agencies to apply fixes by June 18, 2026. The flaw is a CVSS 8.5 privilege-escalation issue that can turn FTP or web shell access into root on shared hosting servers running CloudLinux/CageFS. LiteSpeed says affected builds include LiteSpeed cPanel Plugin before 2.4.8 and LiteSpeed WHM PlugIn before 5.3.2.0, with a fix in LiteSpeed WHM Plugin v5.3.2.1 bundled with cPanel plugin v2.4.8 or higher.

Related Happenings

LiteLLM v1.83.14-stable security fix release (multiple vulnerabilities)

Security Patch Release
H score42 First: 15.06.2026 19:39 Last: 15.06.2026 19:39 Sources 1

About this happening: **BerriAI** shipped **LiteLLM v1.83.14-stable** to close a **three-CVE chain** that could let a low-privilege proxy user reach **full admin** and **run code on the server**. The u...

Open Happening

LiteLLM proxy privilege-escalation and RCE chain (multiple vulnerabilities)

Vulnerability
H score37 First: 15.06.2026 19:39 Last: 15.06.2026 19:39 Sources 1

About this happening: **LiteLLM proxy** now has a disclosed **three-CVE** chain that lets a low-privilege user reach **proxy_admin** and run code on the server, putting provider keys and stored credent...

Open Happening

SolarWinds security patch release for CVE-2026-28318

Security Patch Release
H score82 First: 05.06.2026 22:15 Last: 05.06.2026 22:15 Sources 1

About this happening: SolarWinds released **Serv-U 15.5.4 Hotfix 1** for **CVE-2026-28318**, an **actively exploited** denial-of-service flaw that can crash exposed **Serv-U** servers. The update fixes...

Open Happening

LiteSpeed cPanel user-end plugin urgent security update (CVE-2026-48172)

Security Patch Release
H score55 First: 27.05.2026 13:06 Last: 27.05.2026 13:06 Sources 1

About this happening: LiteSpeed released **urgent security updates** for the **cPanel user-end plugin** after **CVE-2026-48172** was found to be **actively exploited**, reducing exposure for systems ru...

Open Happening

LiteSpeed User-End cPanel Plugin root script execution security flaw (CVE-2026-48172)

Vulnerability
H score53 First: 23.05.2026 10:35 Last: 23.05.2026 10:35 Sources 1

About this happening: **CVE-2026-48172** in the **LiteSpeed User-End cPanel Plugin** is now **actively exploited**, creating **root-level arbitrary script execution** risk for exposed cPanel systems. T...

Open Happening

Timeline

  1. 16.06.2026 08:41 1 articles · 3h ago

    Namecheap brings CVE-2026-54420 in LiteSpeed cPanel Plugin to attention

    Attribution Update

    Namecheap is credited with bringing CVE-2026-54420 in LiteSpeed cPanel Plugin to attention on May 31, 2026. The flaw affects shared hosting servers running CloudLinux/CageFS and can let a user with FTP or web shell access escalate privileges to root.

    Show sources
    Open in new tab
  2. 16.06.2026 08:41 2 articles · 3h ago

    CISA adds CVE-2026-54420 in LiteSpeed cPanel Plugin to the KEV catalog

    Legal Policy Action Update

    CISA added CVE-2026-54420 in LiteSpeed cPanel Plugin to its Known Exploited Vulnerabilities catalog and required Federal Civilian Executive Branch agencies to apply the fixes by June 18, 2026. LiteSpeed advised upgrading to LiteSpeed WHM Plugin v5.3.2.1 bundled with cPanel plugin v2.4.8 or higher to patch the privilege-escalation flaw.

    Show sources
    Open in new tab