LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root
The Hacker News reports that a maximum-severity vulnerability in the LiteSpeed User-End cPanel Plugin, tracked as CVE-2026-48172 with a CVSS score of 10.0, is under active exploitation in the wild. The flaw stems from incorrect privilege assignment, which lets any cPanel user (including an attacker or a compromised account) execute arbitrary scripts with elevated permissions. This can lead to complete server takeover, data breaches, and further attacks. LiteSpeed has released a security update, and users are urged to apply it immediately. The excerpt does not give a specific patch date.
// why it matters
Any cPanel user can gain root access, leading to full server compromise.