CVE-2026-54420NVD

Vulnerability Summary

LiteSpeed cPanel plugin before 2.4.8 (as distributed in LiteSpeed WHM PlugIn before 5.3.2.0) mishandles symlinks provided by a user with FTP or web shell access on a shared hosting server running CloudLinux/CageFS, as exploited in the wild in May 2026.

Severity Level

HIGH(8.5)

Published Date

Jun 14, 2026

Last Modified

Jun 16, 2026

Exploitation Status

????

EPSS Score (30-Day)

0.61%Probability

Root Weakness (CWE)

CWE-61: Unknown/Unlisted Weakness ↗

Refer to the official MITRE database for detailed architectural specifications regarding this weakness.

CVSS v3.1 Base Metrics

Attack VectorNetwork

Attack ComplexityHigh

Privileges RequiredLow

User InteractionNone

ScopeChanged

ConfidentialityHigh

IntegrityHigh

AvailabilityHigh

External References

https://blog.litespeedtech.com/2026/06/01/security-update-for-litespeed-cpanel-plugin-2/
https://www.litespeedtech.com/products/litespeed-web-server/control-panel-support/cpanel
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-54420