CVE-2026-54420
8.5 HIGHLiteSpeed cPanel plugin before 2.4.8 (as distributed in LiteSpeed WHM PlugIn before 5.3.2.0) mishandles symlinks provided by a user with ...
Published: 2026-06-14 · Last updated: 2026-06-14
Severity and scoring
- CVSS
- 8.5 HIGH
- Vector
- CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
- CWE
- CWE-61
Description
LiteSpeed cPanel plugin before 2.4.8 (as distributed in LiteSpeed WHM PlugIn before 5.3.2.0) mishandles symlinks provided by a user with FTP or web shell access on a shared hosting server running CloudLinux/CageFS, as exploited in the wild in May 2026.
Source: NVD
References
Related CVEs
Same CWE
- CVE-2026-42306 — Moby is an open source container framework (7.2 HIGH)
- CVE-2025-43278 — This issue was addressed with improved handling of symlinks (5.5 MEDIUM)
- CVE-2026-5223 — Cargo incorrectly handled symlinks inside of crate tarballs downloaded from third-party registries, allowing a malicious crate to overrid... (5.3 MEDIUM)
- CVE-2026-8784 — A vulnerability was detected in npitre cramfs-tools up to 2.2 (4.2 MEDIUM)
- CVE-2026-6475 — Symlink following in PostgreSQL pg_basebackup plain format and in pg_rewind allows an origin superuser to overwrite local files, e.g (8.8 HIGH)