TechSecInfo

The tech + cyber briefing: what happened, why it matters, and where it came from.

Cyber Security

LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root

By rooter

A maximum-severity security vulnerability impacting LiteSpeed User-End cPanel Plugin has come under active exploitation in the wild.

The flaw, tracked as CVE-2026-48172 (CVSS score: 10.0), relates to an instance of incorrect privilege assignment that an attacker could abuse to run arbitrary scripts with elevated permissions.

“Any cPanel user (including an attacker or a compromised account) may

Oh hi there 👋
It’s nice to meet you.

Sign up to receive awesome content in your inbox, every month.

We don’t spam! Read our privacy policy for more info.

Oh hi there 👋
It’s nice to meet you.

Sign up to receive awesome content in your inbox, every month.

We don’t spam! Read our privacy policy for more info.

By rooter

Related Post

Cyber Security

Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV

rooter
Cyber Security

First VPN Dismantled in Global Takedown Over Use by 25 Ransomware Groups

rooter
Cyber Security

Lawmakers Demand Answers as CISA Tries to Contain Data Leak

rooter

Leave a Reply

You Missed

Cyber Security

LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root

News

LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root

Cyber Security

Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV

News

Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV