CISA Flags LiteSpeed cPanel Plugin Flaw Exploited for Root Privilege Escalation
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a critical vulnerability affecting the LiteSpeed cPanel Plugin to its Known Exploited Vulnerabilities (KEV) catalog on June 4, 2026. The vulnerability, tracked as CVE-2026-54420 with a CVSS score of 8.5, allows privilege escalation to root. Federal Civilian Executive Branch (FCEB) agencies are mandated to patch the flaw by June 18, 2026, to mitigate potential security risks. Successful exploitation gives attackers administrative control over affected systems, posing a significant threat to data integrity and system security. LiteSpeed Technologies has released a patch for this vulnerability, and users are strongly advised to update their cPanel plugins immediately to prevent exploitation. The KEV catalog is a crucial resource that government agencies and organizations use to prioritize cybersecurity efforts and address known threats proactively. This inclusion highlights the ongoing efforts to secure web hosting environments against sophisticated cyberattacks.
Original source: The Hacker News (read the full reporting at the publisher).