THE U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two vulnerabilities to its Known Exploited Vulnerabilities catalog: CVE-2026-20262 and CVE-2026-54420. CVE-2026-20262, with a CVSS score of 6.5, affects the Cisco Catalyst SD-WAN Manager, allowing attackers to exploit file upload vulnerabilities if they have valid low-privileged user credentials.
CVE-2026-54420, with a CVSS score of 8.5, pertains to the LiteSpeed cPanel plugin and enables privilege escalation via symbolic link mishandling, impacting shared hosting servers. Recent exploitation of these vulnerabilities has been confirmed, leading CISA to mandate federal agencies to address them by specific due dates (June 18 and June 29, 2026). Administrators are urged to check server logs and upgrade to the patched versions of the LiteSpeed WHM Plugin.