THE article discusses a cybersecurity vulnerability associated with the LiteSpeed cPanel Plugin, designated as CVE-2026-48172. This vulnerability allows unauthorized users to execute scripts with root privileges, potentially leading to severe security breaches. The article emphasizes the importance of patching this vulnerability to prevent exploitation, highlights how rapidly cyber threats can evolve, and provides links to additional resources and webinars for effective cybersecurity practices.
LiteSpeed cPanel Plugin Flaw Lets Attackers Gain Root via CVE-2026-48172
Incident
Open incident page
CISA adds LiteSpeed cPanel flaw CVE-2026-48172 to KEV catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added the LiteSpeed cPanel Plugin flaw, identified as CVE-2026-48172, to its Known Exploited Vulnerabilities catalog. This critical vulnerability (CVSS score of 10.0) affects versions prior to 2.4.5 and allows privilege escalation to potentially root access. It originates from poor…
First seen 2026-05-23T08:30:29.348Z · Last seen 2026-05-28T10:31:56.592Z
- CISA adds LiteSpeed cPanel flaw CVE-2026-48172 to KEV catalog
- Serpens Hackers Exploit CVE-2026-48172, Roll Out New RAT Variants
- CISA urges patch of CVE-2026-48172 in cPanel LiteSpeed plugin
- CISA Adds Critical LiteSpeed cPanel Plugin Flaw to KEV Catalogue
- LiteSpeed cPanel Plugin Flaw Lets Attackers Gain Root via CVE-2026-48172
CyberSIXT Evidence Panel
Article by CyberSIXT
Timeline Coverage
Swipe to explore timeline
-
CISA adds LiteSpeed cPanel flaw CVE-2026-48172 to KEV catalog
cybersixt.com
-
Serpens Hackers Exploit CVE-2026-48172, Roll Out New RAT Variants
-
CISA urges patch of CVE-2026-48172 in cPanel LiteSpeed plugin
-
CISA Adds Critical LiteSpeed cPanel Plugin Flaw to KEV Catalogue
-
LiteSpeed cPanel Plugin Flaw Lets Attackers Gain Root via CVE-2026-48172
thehackernews.com