CISA Adds LiteSpeed cPanel Plugin Vulnerability to KEV List Following Active Exploitation
This story is only covered by news sources that have yet to be evaluated by the independent media monitoring agencies we use to assess the quality and reliability of news outlets on our platform. Learn more here.3 Articles
3 Articles
Cyber Security News
IT Security News - cybersecurity, infosecurity newsCISA Adds LiteSpeed cPanel Plugin Vulnerability to KEV List Following Active Exploitation
CISA has added a critical LiteSpeed cPanel Plugin vulnerability, tracked as CVE-2026-54420, to its Known Exploited Vulnerabilities (KEV) catalog following evidence of active exploitation in the wild. The flaw affects shared hosting environments and poses a significant risk to servers running CloudLinux with CageFS isolation. The vulnerability is classified as a UNIX symbolic link (symlink) following the issue, mapped to CWE-61. It allows attacke…
CVE-2026-48907, LiteSpeed CPanel Plugin Flaws Exploited
Security researchers and software vendors warn that attackers are actively exploiting vulnerabilities in both Joomla and the LiteSpeed cPanel plugin, posing significant risks to website administrators and shared hosting environments. One of the most urgent issues is CVE-2026-48907, a critical vulnerability affecting the Joomla Content Editor (JCE). The flaw stems from an improper access-control weakness that allows unauthenticated attackers to …
Coverage Details
Bias Distribution
- There is no tracked Bias information for the sources covering this story.
Factuality
To view factuality data please Upgrade to Premium
