bc1q3909urygy90qhytu32344ws0t5vy085y0h7xc8 0x71faaDcAF2538e7346885F772FBAcb88740059A8 49PeCUfdgmG1ZMAzUxz2WFWiRDbDrycrJ8qYVfxBq6HWCHjk7uncaoESm7CRF5DtxcFgStuvyvcfUD3p4xU33F8dPep53MP 3 analyses tagged cpanel, sorted newest first.
CISA added LiteSpeed cPanel Plugin CVE-2026-54420 to KEV on 2026-06-15 with a 2026-06-18 due date. LiteSpeed says v2.4.8, bundled with WHM Plugin v5.3.2.1, fixes a symlink-following flaw that can let a user with FTP or web shell access escalate to root on shared hosting servers running CloudLinux/CageFS.
CISA added WebPros cPanel & WHM and WP2 CVE-2026-41940 to KEV on 2026-04-30 and marks ransomware use as known. WebPros patched many cPanel branches and WP2 136.1.7, provided session-file IOC checks, and urged immediate update or service exposure reduction.
CISA added LiteSpeed User-End cPanel Plugin CVE-2026-48172 to KEV on 2026-05-26 with a 2026-05-29 due date. NVD and LiteSpeed now provide exact advisory links, affected version bounds, and the vendor log-check command for redisAble exploitation.