Litespeed

vulnerabilities 2026-05-24
LiteSpeed cPanel Plugin CVE-2026-48172: Any User Can Run Scripts as Root
A CVSS 10.0 flaw in the LiteSpeed User-End cPanel Plugin lets any logged-in cPanel user execute scripts as root. It is being exploited in the wild — patch or uninstall now.
cpanel litespeed privilege-escalation cve-2026-48172 web-hosting active-exploitation

LiteSpeed cPanel Plugin CVE-2026-48172: Any User Can Run Scripts as Root