Forwarded from TWCERTCC Security Advisory TWCERTCC-200-202606-00000001

【CVE-2026-48172】LiteSpeed cPanel Plugin Privilege Escalation Vulnerability (CVSS v3.1: 9.8)
【Whether exploited by ransomware: Unknown】 LiteSpeed cPanel Plugin has a privilege escalation vulnerability. This vulnerability may be triggered through the user-side cPanel plugin. Any cPanel user account may abuse this vulnerability to execute arbitrary scripts with root privileges.

【CVE-2026-48027】Nx Console Embedded Malicious Code Vulnerability (CVSS v3.1: 9.8)
【Whether exploited by ransomware: Known】 Nx Console has an embedded malicious code vulnerability. Attackers used this to release malicious versions of Nx Console. The affected extensions download obfuscated malicious payloads, which can steal credentials from multiple sources in disk and memory.

【CVE-2026-45321】TanStack Unspecified Vulnerability (CVSS v31: 9.6)
【Whether exploited by ransomware: Known】 TanStack has an unspecified vulnerability, allowing attackers to publish malicious versions of packages to the npm Registry and use a trusted identity to publish credential-stealing malware.

【CVE-2026-8398】Daemon Tools Lite Embedded Malicious Code Vulnerability (CVSS v3.1: 9.8)
【Whether exploited by ransomware: Unknown】 Daemon Tools has an unspecified vulnerability, causing a high impact on confidentiality, integrity, and availability.

【CVE-2026-0257】Palo Alto Networks PAN-OS Authentication Bypass Vulnerability (CVSS v3.1: 9.1)
【Whether exploited by ransomware: Unknown】 Palo Alto Networks PAN-OS has an authentication bypass vulnerability. Attackers may use this to bypass security restrictions and establish unauthorized VPN connections.

Information Sharing Level: WHITE (the intelligence content is information that may be publicly disclosed)