Lucene search
K

7 matches found

GithubExploit
GithubExploit
added 2026/06/16 7:39 a.m.63 views

Exploit for UNIX Symbolic Link Following in Litespeedtech Litespeed_Cpanel_Plugin

CVE-2026-54420 Mitigation Toolkit !Licensehttps://img.shie...

8.5CVSS5.8AI score0.01261EPSS
Exploits3
GithubExploit
GithubExploit
added 2026/06/16 6:9 a.m.65 views

Exploit for UNIX Symbolic Link Following in Litespeedtech Litespeed_Cpanel_Plugin

cve-id ⚡ Simple Usage Use this project only in safe and...

8.7CVSS5.5AI score0.03847EPSS
Exploits15
The Hacker News
The Hacker News
added 2026/06/16 5:41 a.m.9 views

CISA Flags LiteSpeed cPanel Plugin Flaw Exploited for Root Privilege Escalation

The U.S. Cybersecurity and Infrastructure Security Agency CISA has added a security flaw impacting LiteSpeed cPanel Plugin to its Known Exploited Vulnerabilities KEV catalog, requiring Federal Civilian Executive Branch FCEB agencies to apply the fixes by June 18, 2026. The vulnerability in questi...

8.5CVSS5.5AI score0.01261EPSS
Exploits3
Cvelist
Cvelist
added 2026/06/14 3:23 a.m.36 views

CVE-2026-54420

LiteSpeed cPanel plugin before 2.4.8 as distributed in LiteSpeed WHM PlugIn before 5.3.2.0 mishandles symlinks provided by a user with FTP or web shell access on a shared hosting server running CloudLinux/CageFS, as exploited in the wild in May 2026...

8.5CVSS0.01261EPSS
Exploits3References2
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.22 views

PT-2026-43619

Name of the Vulnerable Software and Affected Versions protobufjs affected versions not specified Description An issue exists where the software could recurse without a depth limit during the conversion of decoded messages to plain objects or JSON. This specifically affects the generated toObject...

7.5CVSS5.9AI score0.00324EPSS
Exploits0References7
VulnCheck KEV
VulnCheck KEV
added 2026/05/21 12:0 a.m.30 views

VulnCheck KEV: CVE-2026-48172

LiteSpeed User-End cPanel Plugin before 2.4.5 allows privilege escalation possibly to root, as exploited in the wild in May 2026. Detection is best done via a command line of grep -rE "cpaneljsonapifunc=redisAble" /var/cpanel/logs /usr/local/cpanel/logs/ 2/dev/null in Bash. If you get no output,...

10CVSS5.8AI score0.18914EPSS
In wildExploits1References5
Positive Technologies
Positive Technologies
added 2026/05/21 12:0 a.m.21 views

PT-2026-42359

Name of the Vulnerable Software and Affected Versions LiteSpeed User-End cPanel Plugin versions prior to 2.4.5 Description An issue in the mishandling of Redis enable/disable features, specifically within the lsws.redisAble function, allows for incorrect privilege assignment. This flaw enables an...

10CVSS6.3AI score0.18914EPSS
Exploits1References100
Rows per page
Query Builder