You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve-2026-48172
About this tag
CVE-2026-48172 is a privilege escalation vulnerability in the LiteSpeed User-End cPanel Plugin. In May 2026, CISA added it to the Known Exploited Vulnerabilities Catalog after confirming active exploitation. This flaw allows an attacker to break the boundary between a customer account and the underlying server, making it a critical concern for hosting providers, MSPs, and anyone running cPanel-based infrastructure. The tag covers discussions about the vulnerability, its impact, and remediation priorities for affected systems.
On May 26, 2026, CISA added CVE-2026-48172, a LiteSpeed User-End cPanel Plugin privilege-escalation vulnerability, to its Known Exploited Vulnerabilities Catalog after confirming evidence of active exploitation. The move turns a hosting-panel flaw into a federal remediation priority, but the...