Thehackernews
Critical Zero-Day Vulnerability in LiteSpeed cPanel Plugin Actively Exploited
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
A critical zero-day privilege escalation vulnerability in the LiteSpeed User-End cPanel plugin is being exploited in the wild, allowing authenticated cPanel users to execute arbitrary scripts as root. This flaw, tracked as CVE-2026-48172, has a maximum CVSS score of 10.0 and affects versions from v2.3 to below v2.4.5. The vulnerability was disclosed and patched on May 21, 2026, but active exploitation has been reported. Server administrators are urged to update their systems immediately to mitigate risks. The flaw enables full server control for attackers, posing a significant threat to Linux hosting environments. The situation remains critical as attackers may still be leveraging the unpatched versions.
Key Points: • CVE-2026-48172 is a critical zero-day vulnerability with a CVSS score of 10.0. • The vulnerability allows authenticated users to execute scripts as root, compromising server control. • A patch was released on May 21, 2026, but active exploitation is ongoing.