[Security Vulnerability Alert] CISA adds 5 known vulnerabilities exploited by hackers to the KEV directory (2026/05/25-2026/05/31)

 
2026/6/3 ~ 2026/12/3
View Count:25

Forwarded from Taiwan Computer Network Crisis Management and Coordination Center: Cybersecurity Alert TWCERTCC-200-202606-00000001

[Content Description]
【CVE-2026-48172】LiteSpeed ​​cPanel Plugin Privilege Escalation Vulnerability (CVSS v3.1: 9.8)
【Exploited by Ransomware: Unknown】 The LiteSpeed ​​cPanel Plugin contains a privilege escalation vulnerability. This vulnerability can be triggered by a cPanel add-in on the user's client. Any cPanel user account could abuse this vulnerability to execute arbitrary code with root privileges.

【CVE-2026-48027】Nx Console Embedded Malicious Code Vulnerability (CVSS v3.1: 9.8)
【Exploited by Ransomware: Known】 Nx Console contains an embedded malicious code vulnerability. Attackers use this vulnerability to distribute a malicious version of Nx Console. Affected extensions download obfuscated malicious payloads that can steal credentials from multiple sources on disk and in memory.

【CVE-2026-45321】TanStack Unspecified Vulnerability (CVSS v31: 9.6)
【Ransomware Exploitation: Known】 An unspecified vulnerability exists in TanStack that allows attackers to distribute a malicious version of the suite to the npm Registry and use trusted identities to distribute credential-stealing malware.

【CVE-2026-8398】Daemon Tools Lite Embedded Malicious Code Vulnerability (CVSS v3.1: 9.8)
【Ransomware Exploitation: Unknown】 An unspecified vulnerability exists in Daemon Tools that significantly impacts confidentiality, integrity, and availability.

【CVE-2026-0257】Palo Alto Networks PAN-OS Authentication Bypass Vulnerability (CVSS v3.1: 9.1)
【Exploited by Ransomware: Unknown】 Palo Alto Networks PAN-OS contains an authentication bypass vulnerability that could allow attackers to bypass security restrictions and establish unauthorized VPN connections.

[Affected Platforms]
【CVE-2026-48172】Please refer to the official list of affected versions: https://blog.litespeedtech.com/2026/05/21/security-update-for-litespeed-cpanel-plugin/

【CVE-2026-48027】Please refer to the official list of affected versions: https://nx.dev/blog/nx-console-v18-95-0-postmortem#indicators-of-compromise

【CVE-2026-45321】Please refer to the official list of affected versions: https://github.com/TanStack/router/security/advisories/GHSA-g7cv-rxg3-hmpx

【CVE-2026-8398】Please refer to the official list of affected versions: https://blog.daemon-tools.cc/post/security-incident

【CVE-2026-0257】Please refer to the official list of affected versions: https://security.paloaltonetworks.com/CVE-2026-0257

[Recommended Actions]
【CVE-2026-48172】An official patch update has been released for this vulnerability. Please update to the relevant version: https://blog.litespeedtech.com/2026/05/21/security-update-for-litespeed-cpanel-plugin/

【CVE-2026-48027】An official patch update has been released for this vulnerability. Please update to the relevant version: https://nx.dev/blog/nx-console-v18-95-0-postmortem#indicators-of-compromise

【CVE-2026-45321】An official patch update has been released for this vulnerability. Please update to the relevant version. https://github.com/TanStack/router/security/advisories/GHSA-g7cv-rxg3-hmpx

【CVE-2026-8398】An official patch update has been released for this vulnerability. Please update to the relevant version. https://blog.daemon-tools.cc/post/security-incident

【CVE-2026-0257】An official patch update has been released for this vulnerability. Please update to the relevant version. https://security.paloaltonetworks.com/CVE-2026-0257

Files
None
【Back】
Top↑