{
  "title": "LiteSpeed cPanel Plugin CVE-2026-54420: KEV Symlink-Following Exposure in Shared Hosting",
  "summary": "CISA added LiteSpeed cPanel Plugin CVE-2026-54420 to KEV on 2026-06-15 with a 2026-06-18 due date. LiteSpeed says v2.4.8, bundled with WHM Plugin v5[.]3[.]2[.]1, fixes a symlink-following flaw that can let a user with FTP or web shell access escalate to root on shared hosting servers running CloudLinux/CageFS.",
  "date": "2026-06-15",
  "severity": "high",
  "tags": [
    "litespeed",
    "cpanel",
    "cisa-kev",
    "shared-hosting",
    "hosting",
    "privilege-escalation",
    "zero-day"
  ],
  "sources_count": 3,
  "indicators": {
    "slug": "litespeed-cpanel-plugin-cve-2026-54420-kev",
    "since": "2026-06-15T00:00:00Z",
    "until": "2026-06-15T23:59:59Z",
    "ecosystem": "",
    "cves": [
      "CVE-2026-54420"
    ],
    "cwes": [
      "CWE-61"
    ],
    "advisoryIds": [],
    "products": [],
    "packages": [],
    "versions": [],
    "affectedVersions": [],
    "fixedVersions": [],
    "files": [],
    "paths": [],
    "services": [],
    "domains": [],
    "urls": [],
    "ips": [],
    "hashes": [],
    "processPatterns": [],
    "networkPatterns": [],
    "telemetrySelectors": []
  }
}