CISA KEV order for FCEB agencies on LiteSpeed cPanel flaw
Public Sector Action
Summary
Hide ▲
Show ▼
CISA added the LiteSpeed cPanel user-end plugin flaw to KEV and ordered Federal Civilian Executive Branch agencies to secure systems within three days under BOD 26-04. The action raises compliance urgency across the federal civilian footprint because the vulnerability is actively exploited and can lead to root escalation on affected shared hosting servers. Agencies are being pushed to treat the flaw as an immediate remediation item rather than a routine patch.
Related Happenings
CISA KEV mitigation for LiteSpeed cPanel Plugin (CVE-2026-54420)
Advisory/Mitigation
H score38
First: 16.06.2026 08:41
Last: 16.06.2026 08:41
Sources 1
How related:
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has given U.S. government agencies three days to secure their servers against an actively exploited vulnerability (CVE-2026-54420) in the LiteSpeed cPanel user-end plugin.
About this happening:
CISA put **CVE-2026-54420** in **LiteSpeed cPanel Plugin** on the **KEV catalog**, ordering **FCEB agencies** to apply fixes by **June 18, 2026**. The flaw is a **CVSS 8.5 privile...
CISA KEV mitigation for LiteSpeed cPanel Plugin (CVE-2026-54420)
Advisory/MitigationHow related: The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has given U.S. government agencies three days to secure their servers against an actively exploited vulnerability (CVE-2026-54420) in the LiteSpeed cPanel user-end plugin.
About this happening: CISA put **CVE-2026-54420** in **LiteSpeed cPanel Plugin** on the **KEV catalog**, ordering **FCEB agencies** to apply fixes by **June 18, 2026**. The flaw is a **CVSS 8.5 privile...
CISA BOD 26-04 prioritizes vulnerability remediation for federal civilian agencies
Public Sector Action
H score27
First: 10.06.2026 15:00
Last: 10.06.2026 15:00
Sources 1
About this happening:
**CISA** issued **Binding Operational Directive 26-04** to require **federal civilian agencies** to prioritize vulnerability remediation using **Asset Exposure**, **KEV Status**,...
CISA BOD 26-04 prioritizes vulnerability remediation for federal civilian agencies
Public Sector ActionAbout this happening: **CISA** issued **Binding Operational Directive 26-04** to require **federal civilian agencies** to prioritize vulnerability remediation using **Asset Exposure**, **KEV Status**,...
CISA orders FCEB patching for CVE-2026-9082
Public Sector Action
H score42
First: 26.05.2026 11:46
Last: 26.05.2026 11:46
Sources 1
About this happening:
**CISA** added **CVE-2026-9082** to the **KEV Catalog** and ordered **FCEB agencies** to patch **Drupal** by **May 27**, turning an actively exploited flaw into a mandatory federa...
CISA orders FCEB patching for CVE-2026-9082
Public Sector ActionAbout this happening: **CISA** added **CVE-2026-9082** to the **KEV Catalog** and ordered **FCEB agencies** to patch **Drupal** by **May 27**, turning an actively exploited flaw into a mandatory federa...
LiteSpeed User-End cPanel Plugin root script execution security flaw (CVE-2026-48172)
Vulnerability
H score53
First: 23.05.2026 10:35
Last: 23.05.2026 10:35
Sources 1
How related:
LiteSpeed flagged it as actively exploited in early June and released urgent security updates, warning users to update the cPanel user-end plugin (bundled with the WHM plugin) to the latest version.
About this happening:
**CVE-2026-48172** in the **LiteSpeed User-End cPanel Plugin** is now **actively exploited**, creating **root-level arbitrary script execution** risk for exposed cPanel systems. T...
LiteSpeed User-End cPanel Plugin root script execution security flaw (CVE-2026-48172)
VulnerabilityHow related: LiteSpeed flagged it as actively exploited in early June and released urgent security updates, warning users to update the cPanel user-end plugin (bundled with the WHM plugin) to the latest version.
About this happening: **CVE-2026-48172** in the **LiteSpeed User-End cPanel Plugin** is now **actively exploited**, creating **root-level arbitrary script execution** risk for exposed cPanel systems. T...
CISA KEV order for Copy Fail on federal Linux devices
Public Sector Action
H score42
First: 08.05.2026 10:45
Last: 08.05.2026 10:45
Sources 1
About this happening:
**CISA** added **Copy Fail** to the **Known Exploited Vulnerabilities (KEV) Catalog**, making the Linux flaw a federal remediation priority. The agency ordered **federal agencies*...
CISA KEV order for Copy Fail on federal Linux devices
Public Sector ActionAbout this happening: **CISA** added **Copy Fail** to the **Known Exploited Vulnerabilities (KEV) Catalog**, making the Linux flaw a federal remediation priority. The agency ordered **federal agencies*...
Timeline
-
16.06.2026 13:47 2 articles · 2h ago
CISA KEV order for FCEB agencies on LiteSpeed cPanel flaw
Initial DisclosureCISA placed the vulnerability in **KEV** and set a **three-day** remediation deadline for **FCEB agencies** after exploitation had already been observed. The order turns the flaw into an immediate federal patching priority for exposed hosting systems.
Show sources
- CISA warns of another cPanel plugin flaw exploited in attacks — www.bleepingcomputer.com — 16.06.2026 13:47
- CISA warns of another cPanel plugin flaw exploited in attacks — www.bleepingcomputer.com — 16.06.2026 13:47