[Security Vulnerability Alert] CISA adds 4 known vulnerabilities exploited by hackers to the KEV directory (2026/06/15-2026/06/21)

 
2026/6/25 ~ 2026/12/25
View Count:23

Forward Taiwan Computer Emergency Response Team / Coordination Center Information Security Alert TWCERTCC-200-202606-00000017

[Description]
【CVE-2026-54420】LiteSpeed cPanel Plugin UNIX Symbolic Link (Symlink) Following Vulnerability (CVSS v3.1: 8.5)
【Whether exploited by ransomware: Unknown】 The LiteSpeed cPanel plugin contains a UNIX symbolic link following vulnerability. On shared hosting servers running CloudLinux/CageFS, users with FTP or Web Shell access may exploit this vulnerability to perform unauthorized operations.

【CVE-2026-20262】Cisco Catalyst SD-WAN Manager Directory or Path Traversal Vulnerability (CVSS v3.1: 6.5)
【Whether exploited by ransomware: Unknown】 Cisco Catalyst SD-WAN Manager contains a directory or path traversal vulnerability. An authenticated remote attacker may exploit this vulnerability to create files or overwrite arbitrary files in the file system of the affected system.

【CVE-2026-48907】Widget Factory Joomla Content Editor Improper Access Control Vulnerability (CVSS v3.1: 9.8)
【Whether exploited by ransomware: Unknown】 Widget Factory Joomla Content Editor contains an improper access control vulnerability, which may allow unauthenticated users to upload and execute PHP code by creating a new editor profile.

【CVE-2026-20253】Splunk Enterprise Missing Authentication for Critical Function Vulnerability (CVSS v3.1: 9.8)
【Whether exploited by ransomware: Unknown】 Splunk Enterprise contains a missing authentication for critical function vulnerability. Unauthenticated users can create or truncate arbitrary files via the PostgreSQL Sidecar service endpoint.

[Affected Platform]
【CVE-2026-54420】Please refer to the official listed affected versions https://blog.litespeedtech.com/2026/06/01/security-update-for-litespeed-cpanel-plugin-2/

【CVE-2026-20262】Please refer to the official listed affected versions https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-arbfw-c2rZvQ

【CVE-2026-48907】Please refer to the official listed affected versions https://www.joomlacontenteditor.net/news/jce-security-update-and-a-free-patch-for-older-sites

【CVE-2026-20253】Please refer to the official listed affected versions https://advisory.splunk.com/advisories/SVD-2026-0603

[Recommended Measures]
【CVE-2026-54420】 The vendor has released a fix update for the vulnerability; please update to the relevant version https://blog.litespeedtech.com/2026/06/01/security-update-for-litespeed-cpanel-plugin-2/

【CVE-2026-20262】 The vendor has released a fix update for the vulnerability; please update to the relevant version https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-arbfw-c2rZvQ

【CVE-2026-48907】 The vendor has released a fix update for the vulnerability; please update to the relevant version https://www.joomlacontenteditor.net/news/jce-security-update-and-a-free-patch-for-older-sites

【CVE-2026-20253】 The vendor has released a fix update for the vulnerability; please update to the relevant version https://advisory.splunk.com/advisories/SVD-2026-0603

Files
None
【Back】
Top↑