THREAT OPS › CVEs › CVE-2026-48172
CVE-2026-48172 — LiteSpeed cPanel Plugin Privilege Escalation Vulnerability
LiteSpeed cPanel Plugin contains privilege escalation vulnerability that is exposed via the user-end cPanel plugin, which can be abused by any cPanel user account to execute arbitrary scripts with root privileges.
Vulnerability details
- Affected productscPanel Plugin
- KEV remediation due2026-05-29