THE CISA (Cybersecurity and Infrastructure Security Agency) maintains a Known Exploited Vulnerabilities (KEV) Catalog to help organizations manage cybersecurity threats effectively. This catalog lists vulnerabilities that have been actively exploited and serves as a resource for prioritizing vulnerability management. Notably, the recent entry, CVE-2026-48172, pertains to a privilege escalation vulnerability in the LiteSpeed cPanel Plugin, allowing users to execute arbitrary scripts with root privileges.
Organizations are advised to apply mitigations as per vendor guidance. Additional resources include CSV and JSON formats of the catalog, subscription options for updates, and a nomination link for new vulnerabilities.