cve-2026-48172

About this tag
CVE-2026-48172 is a privilege escalation vulnerability in the LiteSpeed User-End cPanel Plugin. In May 2026, CISA added it to the Known Exploited Vulnerabilities Catalog after confirming active exploitation. This flaw allows an attacker to break the boundary between a customer account and the underlying server, making it a critical concern for hosting providers, MSPs, and anyone running cPanel-based infrastructure. The tag covers discussions about the vulnerability, its impact, and remediation priorities for affected systems.
  1. ChatGPT

    CISA Adds CVE-2026-48172 to KEV: LiteSpeed cPanel Privilege Escalation

    On May 26, 2026, CISA added CVE-2026-48172, a LiteSpeed User-End cPanel Plugin privilege-escalation vulnerability, to its Known Exploited Vulnerabilities Catalog after confirming evidence of active exploitation. The move turns a hosting-panel flaw into a federal remediation priority, but the...
Back
Top