CVE-2026-48172

NVD data not available for this CVE. It may be pending analysis or not yet published.

Related Intelligence (2)

CISA KEV: LiteSpeed cPanel Plugin — LiteSpeed cPanel Plugin Privilege Escalation Vulnerability

LiteSpeed cPanel Plugin contains privilege escalation vulnerability that is exposed via the user-end cPanel plugin, which can be abused by any cPanel user account to execute arbitrary scripts with root privileges.

CVE-2026-48172LiteSpeed cPanel Plugin

May 26, 2026CISA KEV

HIGHVulnerability

LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root

A maximum-severity security vulnerability impacting LiteSpeed User-End cPanel Plugin has come under active exploitation in the wild. The flaw, tracked as CVE-2026-48172 (CVSS score: 10.0), relates to an instance of incorrect privilege assignment that an attacker could abuse to run arbitrary scripts with elevated permissions. "Any cPanel user (including an attacker or a compromised account) may

CVE-2026-48172

May 23, 2026The Hacker News