[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2026-54420":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-16T18:52:28.841Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":24,"aliases":25,"duplicate_of":9,"upstream":26,"downstream":27,"duplicates":28,"related":29,"reserved_at":9,"published_at":30,"modified_at":31,"state":32,"summary":33,"references_raw":44,"kevs":62,"epss":73,"epss_history":76,"metrics":85,"affected":93},"CVE-2026-54420","LiteSpeed cPanel plugin before 2.4.8 (as distributed in LiteSpeed WHM PlugIn before 5.3.2.0) mishandles symlinks provided by a user with FTP or web shell access on a shared hosting server running CloudLinux/CageFS, as exploited in the wild in May 2026.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-61","UNIX Symbolic Link (Symlink) Following","The product, when opening a file or directory, does not sufficiently account for when the file is a symbolic link that resolves to a target outside of the intended control sphere. 
This could allow an attacker to cause the product to operate on unauthorized files.","weakness","Incomplete","Compound","High",[20],{"id":21,"name":22,"techniques":23},"CAPEC-27","Leveraging Race Conditions via Symbolic Links",[],[],[],[],[],[],[],"2026-06-14T03:23:12.863Z","2026-06-16T03:56:05.377Z","Analyzed",{"cisa_kev":34,"cisa_ransomware":35,"cisa_vendor":36,"epss_severity":37,"epss_score":38,"severity":39,"severity_score":40,"severity_version":41,"severity_source":42,"severity_vector":43,"severity_status":32},true,false,"LiteSpeed","low",0.00613,"high",8.5,"v3.1","cve.org","CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",[45,51,56],{"url":46,"sources":47,"tags":49},"https://www.litespeedtech.com/products/litespeed-web-server/control-panel-support/cpanel",[42,48],"nvd",[50],"Product",{"url":52,"sources":53,"tags":54},"https://blog.litespeedtech.com/2026/06/01/security-update-for-litespeed-cpanel-plugin-2/",[42,48],[55],"Vendor Advisory",{"url":57,"sources":58,"tags":59},"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-54420",[42,48],[60,61],"Government Resource","US Government Resource",[63],{"source":64,"vendor":36,"product":65,"date_added":66,"vulnerability_name":67,"short_description":68,"required_action":69,"due_date":70,"known_ransomware_campaign_use":71,"notes":72,"exploitation_type":9},"cisa","cPanel Plugin","2026-06-15","LiteSpeed cPanel Plugin UNIX Symbolic Link (Symlink) Following Vulnerability","LiteSpeed cPanel plugin contains a UNIX symbolic link (Symlink) following vulnerability that could be exploited by a user with FTP or web shell access on a shared hosting server running CloudLinux/CageFS.","Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). 
Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.","2026-06-18","Unknown","https://blog.litespeedtech.com/2026/06/01/security-update-for-litespeed-cpanel-plugin-2/ ; BOD 26-04: https://www.cisa.gov/news-events/directives/bod-26-04-prioritizing-security-updates-based-risk ; Forensics Triage Requirements: https://www.cisa.gov/news-events/directives/bod-26-04-implementation-guidance-prioritizing-security-updates-based-risk ; https://nvd.nist.gov/vuln/detail/CVE-2026-54420",{"date":74,"score":38,"percentile":75},"2026-06-16",0.44504,[77,81,84],{"date":78,"score":79,"percentile":80},"2026-06-14",0.00063,0.19948,{"date":66,"score":82,"percentile":83},0.00348,0.26464,{"date":74,"score":38,"percentile":75},[86,91],{"source":42,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":87,"cvss_v4_0":9},{"baseScore":40,"baseSeverity":88,"vectorString":43,"impactScore":89,"exploitabilityScore":90},"HIGH",10,4.6,{"source":48,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":92,"cvss_v4_0":9},{"baseScore":40,"baseSeverity":88,"vectorString":43,"impactScore":89,"exploitabilityScore":90},[94,105,113],{"ecosystem":9,"name":65,"vendor":95,"product":96,"cpe_part":97,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":98},"litespeed technologies","cpanel plugin","a",[99],{"version":100,"is_range":34,"range_type":42,"version_start":101,"version_start_type":102,"version_end":103,"version_end_type":104,"fixed_in":9},">= 2.3, \u003C 2.4.8","2.3","including","2.4.8","excluding",{"ecosystem":9,"name":106,"vendor":107,"product":108,"cpe_part":97,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":109},"litespeed cpanel 
plugin","litespeedtech","litespeed_cpanel_plugin",[110],{"version":111,"is_range":34,"range_type":112,"version_start":9,"version_start_type":9,"version_end":103,"version_end_type":104,"fixed_in":9},"lt2.4.8","cpe",{"ecosystem":9,"name":114,"vendor":107,"product":115,"cpe_part":97,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":116},"litespeed whm plugin","litespeed_whm_plugin",[117],{"version":118,"is_range":34,"range_type":112,"version_start":9,"version_start_type":9,"version_end":119,"version_end_type":104,"fixed_in":9},"lt5.3.2.0","5.3.2.0"]