{"vulnerability": "CVE-2026-54420", "sightings": [{"uuid": "9ca61218-203e-4841-89fb-1a06afd5d16c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54420", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mo7yf3f7kw26", "content": "\ud83d\udfe0 CVE-2026-54420 - High (8.5)\n\nLiteSpeed cPanel plugin before 2.4.8 (as distributed in LiteSpeed WHM PlugIn before 5.3.2.0) mish...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-54420/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-14T05:00:20.216925Z"}, {"uuid": "a30534c7-226b-4e8a-bf53-aefca2fadc18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54420", "type": "seen", "source": "https://bsky.app/profile/postac001.bsky.social/post/3moaa4qot2j2m", "content": "\u8106\u5f31\u6027\uff1a\u8907\u6570\u306eAPI\u30a8\u30f3\u30c9\u30dd\u30a4\u30f3\u30c8\u306b\u8a8d\u8a3c\u30d0\u30a4\u30d1\u30b9\u306e\u53ef\u80fd\u6027\u3002\u5f71\u97ff\uff1a\u8a8d\u8a3c\u306a\u3057\u3067\u306e\u60c5\u5831\u6f0f\u6d29\u3084\u4e0d\u6b63\u64cd\u4f5c\u306e\u6050\u308c\u3002\u5bfe\u8c61\uff1a\u7279\u5b9a\u306e\u30d0\u30fc\u30b8\u30e7\u30f3\u3002\nCVE-2026-54420 CVSS 8.5 | HIGH", "creation_timestamp": "2026-06-14T07:18:49.767863Z"}, {"uuid": "ac7a1508-965c-4964-8776-65e55693f052", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-54420", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116747640761245833", "content": "\u26a0\ufe0f CVE-2026-54420: HIGH-severity symlink vulnerability in LiteSpeed cPanel Plugin v2.3 on CloudLinux/CageFS shared hosting. Exploited in the wild \u2014 no patch yet. Restrict FTP/web shell access & monitor for suspicious activity. https://radar.offseq.com/threat/cve-2026-54420-cwe-61-unix-symbolic-link-symlink-f-9e9ca8f9 #OffSeq #Vulnerability #LiteSpeed", "creation_timestamp": "2026-06-14T09:02:38.419474Z"}, {"uuid": "e90f9f96-a58b-439d-82a6-6325dd30f5f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54420", "type": "seen", "source": "https://bsky.app/profile/litespeedtech.bsky.social/post/3modzl74prs2m", "content": "The CVE that was published today for LiteSpeed's WHM plugin prior to v2.4.8 refers to the same vulnerability we disclosed (and patched) two weeks ago. CVE-2026-54420: blog.litespeedtech.com/2026/06/01/s...", "creation_timestamp": "2026-06-15T19:32:18.703198Z"}, {"uuid": "b1dd8791-5fff-4207-a695-bcae173236d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54420", "type": "seen", "source": "https://bsky.app/profile/cvesentinel.bsky.social/post/3modzkrpxeg2e", "content": "\ud83d\uded1 CVE-2026-54420\nLiteSpeed cPanel Plugin\nCVSS 8.5 / EPSS 0% / KEV: No\nTL;DR: LiteSpeed cPanel plugin before 2.4.8 (as distributed in LiteSpeed WHM PlugIn before\u2026\nhttps://cvesentinel.com/report/CVE-2026-54420?utm_source=bluesky&utm_medium=social&utm_campaign=cvesentinel\n#infosec #CVE #vulnerability", "creation_timestamp": "2026-06-15T19:32:10.662473Z"}, {"uuid": "c3c9d0a9-e68a-4a96-8346-3015c2a30331", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54420", "type": "seen", "source": "https://bsky.app/profile/boredchilada.bsky.social/post/3moe3lw55qm2k", "content": "~Cisa~\nCISA added CVE-2026-20262 (Cisco SD-WAN) and CVE-2026-54420 (LiteSpeed cPanel) to its KEV catalog due to active exploitation.\n-\nIOCs: CVE-2026-20262, CVE-2026-54420\n-\n#CISA #CVE202620262 #CVE202654420 #KEV #threatintel", "creation_timestamp": "2026-06-15T20:08:29.042672Z"}, {"uuid": "2cccc4bd-d629-4172-abd3-5f5c6b093a25", "vulnerability_lookup_origin": "405284c2-e461-4670-8979-7fd2c9755a60", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54420", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/0dac6024-d454-4978-8cb0-be4589ad3b06", "content": "", "creation_timestamp": "2026-06-15T20:00:01.853106Z"}, {"uuid": "c262c9e3-70b1-4f84-9c8c-c2e42e7623b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54420", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/6747335", "content": "2026-06-15: [CVE-2026-54420] LiteSpeed cPanel Plugin UNIX Symbolic Link (Symlink) Following VulnerabilityLiteSpeed cPanel plugin contains a UNIX symbolic link (Symlink) following vulnerability that could allow a user with FTP or web shell access on a shared hosting server running CloudLinux/CageFS.\ncisakev", "creation_timestamp": "2026-06-15T20:17:00.876873Z"}, {"uuid": "e73a84c8-f723-41db-bc6a-3bc31270b961", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54420", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3moeaket3nd2t", "content": "\ud83d\udccc CVE-2026-54420 - LiteSpeed cPanel plugin before 2.4.8 (as distributed in LiteSpeed WHM PlugIn before 5.3.2.0) mishandles symlinks provided by a user with FTP or web sh... https://www.cyberhub.blog/cves/CVE-2026-54420", "creation_timestamp": "2026-06-15T21:37:05.837380Z"}, {"uuid": "0fc776f6-ca7c-4354-b040-1841b4e07441", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54420", "type": "seen", "source": "https://bsky.app/profile/thecybermind.co/post/3moedp3mtrz2y", "content": "Active exploitation verified by CISA: CVE-2026-54420 exposes LiteSpeed cPanel environments to critical symlink privilege escalation. Threat actors are actively breaching shared hosting isolation. Read the full high-authority C-Suite briefing from The Cyber Mind Co. to harden your perimeter right\u2026", "creation_timestamp": "2026-06-15T22:33:26.163368Z"}, {"uuid": "3a4547b9-1eb8-495c-9dcd-ebbcaed7ff6c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54420", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3moejkci7lu2s", "content": "CISA\u304c\u65e2\u77e5\u306e\u60aa\u7528\u3055\u308c\u305f\u8106\u5f31\u60272\u4ef6\u3092\u30ab\u30bf\u30ed\u30b0\u306b\u8ffd\u52a0 \n\nCVE-2026-20262 Cisco Catalyst SD-WAN Manager\u306e\u30c7\u30a3\u30ec\u30af\u30c8\u30ea\u307e\u305f\u306f\u30d1\u30b9\u306e\u30c8\u30e9\u30d0\u30fc\u30b5\u30eb\u8106\u5f31\u6027\nCVE-2026-54420 LiteSpeed cPanel\u30d7\u30e9\u30b0\u30a4\u30f3\u306eUNIX\u30b7\u30f3\u30dc\u30ea\u30c3\u30af\u30ea\u30f3\u30af\uff08Symlink\uff09\u306e\u8106\u5f31\u6027 \n\nwww.cisa.gov/news-events/...", "creation_timestamp": "2026-06-16T00:18:07.102734Z"}, {"uuid": "d51e9640-81b6-4ea9-9fe3-31f5f0fd6a13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54420", "type": "seen", "source": "https://bsky.app/profile/thecybermind.co/post/3moektpzpbt2z", "content": "Stop symlink privilege escalation in its tracks. The Cyber Mind Co. has deployed the T-Suite Defense Playbook for CVE-2026-54420, featuring kernel overrides and FIM rules to protect LiteSpeed cPanel environments. Lock down your shared hosting infrastructure now: https://thecybermind.co/q7ni", "creation_timestamp": "2026-06-16T00:41:17.667182Z"}, {"uuid": "d9ecc51e-b11b-4cb6-803c-fd51e957a962", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54420", "type": "seen", "source": "https://bsky.app/profile/infosecbriefly.bsky.social/post/3mof6zby5ej2d", "content": "CISA added CVE-2026-54420 in LiteSpeed cPanel Plugin to KEV, requiring FCEB agencies to patch by June 18, 2026.\n", "creation_timestamp": "2026-06-16T06:42:18.895358Z"}, {"uuid": "84af9a30-3bdd-4eda-beb5-6c333808870e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54420", "type": "seen", "source": "https://thehackernews.com/2026/06/cisa-flags-litespeed-cpanel-plugin-flaw.html", "content": "The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a security flaw impacting LiteSpeed cPanel Plugin to its Known Exploited Vulnerabilities (KEV) catalog, requiring Federal Civilian Executive Branch (FCEB) agencies to apply the fixes by June 18, 2026.\n\nThe vulnerability in question is CVE-2026-54420 (CVSS score: 8.5), which has been described as a case of privilege", "creation_timestamp": "2026-06-16T03:41:52.000000Z"}, {"uuid": "d549912e-f9a3-441c-8165-44c70874e3e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54420", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3mofdgidggn2d", "content": "\ud83d\udea8 [CRITICAL INFRASTRUCTURE ALERT]: CVE-2026-54420\n\n\u2022 CVE ID: CVE-2026-54420\n\u2022 CVSS Score: 8.5 (High)\n\u2022 Affected: LiteSpeed WHM Plug\n\nhttps://securitycyber.uk", "creation_timestamp": "2026-06-16T08:01:16.008600Z"}, {"uuid": "2d37d8ce-4a37-48e4-8b71-750516bdd326", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54420", "type": "seen", "source": "https://bsky.app/profile/bleepingcomputer.com/post/3mofmr2cp5r2f", "content": "The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has given U.S. government agencies three days to secure their servers against an actively exploited vulnerability (CVE-2026-54420) in the LiteSpeed cPanel user-end plugin.", "creation_timestamp": "2026-06-16T10:48:15.010324Z"}, {"uuid": "e99d5a75-6ff3-4a6f-8796-45028e5574b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54420", "type": "seen", "source": "https://bsky.app/profile/blackhatnews.tokyo/post/3mofn2u22ym2q", "content": "CISA\u304c\u653b\u6483\u306b\u60aa\u7528\u3055\u308c\u305fcPanel\u30d7\u30e9\u30b0\u30a4\u30f3\u306e\u5225\u306e\u8106\u5f31\u6027\u306b\u8b66\u544a\n\n\u7c73\u56fd\u30b5\u30a4\u30d0\u30fc\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30fb\u30a4\u30f3\u30d5\u30e9\u30b9\u30c8\u30e9\u30af\u30c1\u30e3\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u5e81\uff08CISA\uff09\u306f\u3001LiteSpeed cPanel\u30e6\u30fc\u30b6\u30fc\u30a8\u30f3\u30c9\u30d7\u30e9\u30b0\u30a4\u30f3\u306b\u5b58\u5728\u3059\u308b\u7a4d\u6975\u7684\u306b\u60aa\u7528\u3055\u308c\u3066\u3044\u308b\u8106\u5f31\u6027\uff08CVE-2026-54420\uff09\u3078\u306e\u5bfe\u51e6\u306b\u3064\u3044\u3066\u3001\u7c73\u56fd\u653f\u5e9c\u6a5f\u95a2\u306b3\u65e5\u4ee5\u5185\u306e\u30b5\u30fc\u30d0\u30fc\u4fdd\u8b77\u3092\u547d\u3058\u307e\u3057\u305f\u3002 CVE-2026-48172\u3068\u3057\u3066\u8ffd\u8de1\u3055\u308c\u3066\u3044...", "creation_timestamp": "2026-06-16T10:54:12.785467Z"}, {"uuid": "de645ec2-c5c4-4c23-b77e-d6454323fbf2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-54420", "type": "seen", "source": "https://bsky.app/profile/ahmandonk.bsky.social/post/3mofqovg7e62n", "content": "\ud83d\udcf0 CISA Keluarkan Peringatan Darurat: Celah Keamanan cPanel LiteSpeed Aktif Dieksploitasi Massal\n\n\ud83d\udc49 Baca artikel lengkap di sini: https://ahmandonk.com/2026/06/16/celah-plugin-cpanel-litespeed-dieksploitasi-massal/\n\n#cisa #cpanel #cve-2026-48172 #cve-2026-54420 #exploit #gadget #hardware #hosti", "creation_timestamp": "2026-06-16T11:58:37.384621Z"}, {"uuid": "df7c88f3-99b0-43ee-b88a-da3804ad4a0c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54420", "type": "seen", "source": "https://bsky.app/profile/alphahunt.io/post/3mofschtphv2l", "content": "Also watch the KEV layer.\n\nCISA added Cisco Catalyst SD-WAN Manager CVE-2026-20262 and LiteSpeed cPanel Plugin CVE-2026-54420 on June 15.\n\nCisco = enterprise control plane risk.\nLiteSpeed = shared hosting blast radius.\n\nRefs:\nwww.cisa.gov/sites/defaul...\nsec.cloudapps.cisco.com/security/cen...", "creation_timestamp": "2026-06-16T12:27:37.748241Z"}, {"uuid": "ac16efc3-90bd-49b4-a871-6f31c1d3069f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54420", "type": "seen", "source": "https://bsky.app/profile/alphahunt.io/post/3mofscjsx7o2m", "content": "- LiteSpeed advisory CVE-2026-54420: blog.litespeedtech.com/2026/06/01/s...\n- FIRST EPSS CVE-2026-54420: api.first.org/data/v1/epss...", "creation_timestamp": "2026-06-16T12:27:39.448080Z"}, {"uuid": "4b274e8b-38ba-4332-bc6c-388094c98cea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54420", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3mog5epzerg42", "content": "LiteSpeed cPanel CVE-2026-54420 Escalates to Root on Shared Hosts CISA added LiteSpeed cPanel CVE-2026-54420 to its KEV catalog with a 48-hour deadline as exploitation of the unauthenticated REST A...\n\n#Resources #Application #Security #CVE [\u2026] \n\n[Original post on dailysecurityreview.com]", "creation_timestamp": "2026-06-16T15:45:46.083662Z"}, {"uuid": "64b81a3b-3efb-4bc2-81a2-e3ad01761589", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54420", "type": "seen", "source": "https://www.acn.gov.it/portale/w/rilevato-sfruttamento-di-vulnerabilita-in-prodotto-litespeed-cpanel-plugin", "content": "Rilevato sfruttamenento attivo in rete della CVE-2026-54420 presente in cPanel, plugin del noto software LiteSpeed Web Server. Tale vulnerabilit\u00e0, qualora sfruttata, potrebbe consentire ad un utente remoto malintenzionato, gi\u00e0 in possesso di un accesso iniziale con privilegi limitati, di elevare i propri privilegi sui sistemi interessati.", "creation_timestamp": "2026-06-16T12:26:30.000000Z"}, {"uuid": "9fff630a-03a6-45ba-96e5-d4e0e70a6068", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54420", "type": "seen", "source": "https://bsky.app/profile/netsecio.bsky.social/post/3moggylk4qh2f", "content": "\ud83d\udce2 CISA KEV ALERT: A LiteSpeed cPanel plugin flaw, CVE-2026-54420, is being actively exploited for root privilege escalation on shared servers. Federal agencies must patch by June 18. Hosting providers, check your systems! #CVE #KEV #CISA #CyberSecurity\n\n\ud83c\udf10 cyber[.]netsecops[.]io", "creation_timestamp": "2026-06-16T18:37:46.627747Z"}, {"uuid": "47d99436-5688-4c9c-8feb-192724b3a0d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54420", "type": "seen", "source": "https://bsky.app/profile/iberianm.bsky.social/post/3moglmdq6l626", "content": "CISA adds LiteSpeed cPanel Plugin CVE-2026-54420 (privilege escalation) to KEV. Action: patch by June 18, 2026 and verify affected systems are updated. #Cybersecurity #Vulnerability #ThreatIntel\n\nSource: https://thehackernews.com/2026/06/cisa-flags-litespeed-cpanel-plugin-flaw.html", "creation_timestamp": "2026-06-16T20:00:22.712483Z"}, {"uuid": "9aafbcf9-aa60-4ae3-b021-b9e58e438c4f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54420", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3mohbhd6yr22h", "content": "CISA warns of another cPanel plugin flaw exploited in attacks\n\nThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has given U.S. government agencies three days to secure their servers against an actively exploited vulnerability (CVE-2026-54420) in the LiteSpeed cPane\u2026\n#hackernews #news", "creation_timestamp": "2026-06-17T02:31:16.765664Z"}, {"uuid": "88daf337-a0a0-49eb-898a-6cfb973bc9a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54420", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mohbhfp4ax2n", "content": "Top 3 CVE for last 7 days:\nCVE-2026-35273: 62 interactions\nCVE-2026-54420: 26 interactions\nCVE-2025-10263: 25 interactions\n\n\nTop 3 CVE for yesterday:\nCVE-2026-54420: 21 interactions\nCVE-2026-20262: 8 interactions\nCVE-2026-48558: 8 interactions\n", "creation_timestamp": "2026-06-17T02:31:19.321996Z"}, {"uuid": "6d4b48ed-0df3-4426-94e4-6b3d4e57904d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54420", "type": "seen", "source": "https://bsky.app/profile/cybergeodigest.bsky.social/post/3mohwk4awoz2a", "content": "Today's CyberGeoDigest \u2014 20 stories\n\nTop: CISA Orders Agencies to Patch CVE-2026-54420 in LiteSpeed cPanel Plugin\n\n#InfoSec #CVE #CyberSecurity", "creation_timestamp": "2026-06-17T08:48:38.508656Z"}, {"uuid": "a827a54e-0bbc-4b65-b041-847a76563657", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54420", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mohx74eegi2l", "content": "Joomla JCE CVE-2026-48907 and LiteSpeed cPanel CVE-2026-54420 are being actively exploited, enabling file uploads, PHP execution, and possible root escalation on shared hosting servers. #Joomla #LiteSpeed #CISA", "creation_timestamp": "2026-06-17T09:00:24.039309Z"}, {"uuid": "a595e4c1-19c7-4ee7-b51b-d43c42ea5917", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54420", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mojrwgzt3f2d", "content": "Top 3 CVE for last 7 days:\nCVE-2026-35273: 64 interactions\nCVE-2026-54420: 26 interactions\nCVE-2026-39987: 20 interactions\n\n\nTop 3 CVE for yesterday:\nCVE-2026-9697: 16 interactions\nCVE-2026-50656: 13 interactions\nCVE-2026-42824: 11 interactions\n", "creation_timestamp": "2026-06-18T02:31:23.257160Z"}]}