• Category: Security
  • Status: confirmed
  • Sources: CISA KEV alert 2026-06-15
  • Summary: CISA's Known Exploited Vulnerabilities catalog moved to version 2026.06.15 (count 1621) with two additions dated 2026-06-15: CVE-2026-20262 (Cisco Catalyst SD-WAN Manager path traversal, covered in Top stories) and CVE-2026-54420, a UNIX symbolic-link (symlink) following vulnerability in the LiteSpeed cPanel plugin. Both carry active-exploitation evidence per the catalog.
  • Why it matters: KEV inclusion sets federal remediation deadlines and is a reliable signal that exploitation is real rather than theoretical, so both should be prioritized over CVSS-ranked backlog items.
  • Follow-up: Confirm the LiteSpeed cPanel plugin fixed version and exposure footprint.

Send feedback on this story