CVE-2026-48172

Known Exploited (CISA KEV)CRITICAL

9.8

CVSS Severity Score

EPSS Score48.6350%

EPSS Percentile88.07th

PublishedMay 26, 2026

Last ModifiedJun 12, 2026

Vulnerability Description

LiteSpeed cPanel Plugin is vulnerable to LiteSpeed cPanel Plugin Privilege Escalation Vulnerability. Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Affected Platforms (CPE)

📦

LiteSpeed

cPanel Plugin

Refer to description

Related Vulnerabilities

CVE-2026-544208.5

LiteSpeed cPanel plugin before 2.4.8 (as distributed in LiteSpeed WHM PlugIn before 5.3.2.0) mishandles symlinks provided by a use...

CVE-2017-183896.3

cPanel before 68.0.15 allows string format injection in dovecot-xaps-plugin (SEC-318).

CVE-2026-121917.8

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdri...

CVE-2026-121905.3

A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android. This vulnerability affects unknown code of the compo...