Tag: cve 2026 48172

3 articles

Rack of computer servers in a data center with a server control panel interface on screen.

CISA Warns of Actively Exploited cPanel Plugin Flaw

The US Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about a critical cPanel plugin flaw, CVE-2026-54420, that's being actively exploited by hackers, posing a significant risk to all user-end plugin versions prior to 2.4.8. This vulnerability allows attackers to escalate privileges to root, putting your online security at risk.

Analyst 207Jun 16, 2026

Server room with rows of equipment, focusing on a single server screen displaying a plugin interface.

CISA Mandates Emergency Patch for Exploited cPanel Plugin Flaw

A critical vulnerability in the LiteSpeed cPanel plugin, known as CVE-2026-48172, is being actively exploited by remote attackers, allowing them to execute arbitrary scripts with root privileges. CISA has issued an emergency patch, giving affected users just four days to update and protect themselves.

Analyst 207May 27, 2026

Rows of computer servers and storage equipment in a brightly-lit data center with a sense of urgency.

LiteSpeed Plugin Flaw Exploited to Run Scripts as Root

A critical flaw in the LiteSpeed plugin, CVE-2026-48172, is being actively exploited to give cPanel users unlimited power, allowing them to run scripts as root. This severe vulnerability, rated 10.0 on the CVSS scale, puts your online security at risk and demands immediate attention.

Analyst 207May 23, 2026