SECURITYTHE HACKER NEWS
LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root
A critical security vulnerability (CVE-2026-48172) in LiteSpeed User-End cPanel Plugin is being actively exploited, allowing attackers to execute arbitrary scripts with root privileges due to incorrect privilege assignment.
Mentioned
Related Signal
Adjacent reporting
- The Internet Is Falling Down- CPanel/WHM Authentication Bypass CVE-2026-41940
- Adobe Patches Actively Exploited Acrobat Reader Flaw CVE-2026-34621
- New Fragnesia Linux flaw lets attackers gain root privileges
- GitHub RCE Vulnerability: CVE-2026-3854 Breakdown
- "Dirty Frag" (CVE-2026-43284): The Second Linux Root Exploit in Eight Days
- CISA Adds Actively Exploited Linux Root Access Bug CVE-2026-31431 to KEV