CVE-2026-48172 – LiteSpeed cPanel Plugin

CVSS 9.8 CRITICAL

“An actively exploited privilege issue inside hosting infrastructure can hand attackers control faster than most teams can respond.”

LiteSpeed Technologies patched CVE-2026-48172 in the LiteSpeed cPanel Plugin. The vulnerability involves improper privilege management and may allow elevation of privileges in affected hosting environments. The CVSS score is 10.0, which is Critical severity. Active exploitation is confirmed.

The patch strengthens access control handling inside the plugin and reduces the risk of unauthorized administrative actions against shared hosting infrastructure. Systems running outdated plugin versions face elevated operational and tenant isolation risk until patched.

Key Details

Affected Product: Litespeedtech Litespeed Cpanel Plugin
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
CWE Classification: CWE-266

Patch this CVE on all your endpoints in under 5 minutes. First 200 endpoints are free forever, scale as needed.

CVE-2026-48172 – LiteSpeed cPanel Plugin

Key Details

Stay Tuned

PLATFORM

SOLUTIONS

RESOURCES

COMPANY

LEGAL

CONTACTS

+1-346-444-8530

Toll Free: 833-444-8530

708 Main St, 10th FL, Houston, TX 77002