Overview
CISA has added CVE-2026-48172 to its Known Exploited Vulnerabilities catalog, confirming active exploitation in the wild. The flaw is a maximum-severity privilege escalation vulnerability (CVSS v4.0: 10.0) residing in the LiteSpeed User-End cPanel Plugin versions 2.3 through 2.4.4, classified under CWE-266 (Incorrect Privilege Assignment), stemming from improper handling of Redis on/off features exposed via the plugin’s JSON API.
CISA added the CVE to the KEV catalog on May 26, 2026, and mandated remediation by May 29, 2026 under Binding Operational Directive 22-01.
Vulnerability Details
CVE: CVE-2026-48172
CVSS: 10.0 (v4.0) / 9.8 (v3.x)
CWE: CWE-266 — Incorrect Privilege Assignment
Affected Versions: LiteSpeed User-End cPanel Plugin 2.3 through 2.4.4
Not Affected: LiteSpeed WHM plugin
More Information:
https://thecyberthrone.in/2026/05/28/cv ... scalation/
CVE-2026-48172 — LiteSpeed User-End cPanel Plugin Privilege Escalation
Starburst-David
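The post gives an affected range (2.3 through 2.4.4) and excludes the WHM plugin, so the practical first step is a fleet triage that compares each host's reported plugin version against that range numerically, not as a string. The helper below is an added example written for this thread; it is not code from the post, from LiteSpeed or from cPanel. How you collect each host's product name and version string is left to you; the inventory in the block is constructed sample data, and the range boundaries are taken from the post as written.

```python
"""Triage: which hosts run a LiteSpeed User-End cPanel Plugin version inside the
range the post lists as affected (2.3 through 2.4.4)?  Added example, not the
post's or the vendor's code.  Version strings are assumed to be gathered by the
operator from each host; the inventory below is constructed for illustration."""
from typing import Dict, List, Tuple

# Range boundaries exactly as the post states them.
AFFECTED_MIN = (2, 3)      # "2.3" (i.e. every 2.3.x release)
AFFECTED_MAX = (2, 4, 4)   # "2.4.4" (last affected release)

# The post says only the user-end cPanel plugin is affected, not the WHM plugin.
AFFECTED_PRODUCT = "litespeed-user-end-cpanel-plugin"


def parse_version(text: str) -> Tuple[int, ...]:
    """Turn '2.4.4' (or 'v2.4.4', '2.4.4-rc1') into (2, 4, 4).

    Numeric comparison matters: as strings, '2.4.10' < '2.4.4', which would
    wrongly flag a fixed release as affected.  A pre-release suffix such as
    '-rc1' is dropped and the component is treated as its numeric prefix."""
    text = text.strip().lstrip("vV")
    parts: List[int] = []
    for component in text.split("."):
        digits = ""
        for ch in component:
            if not ch.isdigit():
                break
            digits += ch
        if not digits:
            raise ValueError(f"unparseable version component {component!r} in {text!r}")
        parts.append(int(digits))
    return tuple(parts)


def _pad(version: Tuple[int, ...], width: int) -> Tuple[int, ...]:
    """Right-pad with zeros so (2, 3) and (2, 3, 0) compare equal."""
    return version + (0,) * (width - len(version))


def is_affected(product: str, version: str) -> bool:
    """True only for the user-end cPanel plugin at a version in [2.3, 2.4.4]."""
    if product.strip().lower() != AFFECTED_PRODUCT:
        return False          # e.g. the WHM plugin, which the post says is not affected
    v = parse_version(version)
    width = max(len(v), len(AFFECTED_MIN), len(AFFECTED_MAX))
    return _pad(AFFECTED_MIN, width) <= _pad(v, width) <= _pad(AFFECTED_MAX, width)


def triage(inventory: Dict[str, Tuple[str, str]]) -> List[str]:
    """Return the sorted hostnames whose (product, version) falls in the affected range."""
    return sorted(host for host, (product, version) in inventory.items()
                  if is_affected(product, version))


# Constructed sample inventory: hostname -> (product, version string).
SAMPLE_INVENTORY: Dict[str, Tuple[str, str]] = {
    "web01.example.test": ("litespeed-user-end-cpanel-plugin", "2.4.4"),   # last affected
    "web02.example.test": ("litespeed-user-end-cpanel-plugin", "2.4.10"),  # fixed; string compare would misflag
    "web03.example.test": ("litespeed-user-end-cpanel-plugin", "2.3"),     # first affected
    "web04.example.test": ("litespeed-user-end-cpanel-plugin", "2.2.9"),   # predates the range
    "web05.example.test": ("litespeed-whm-plugin", "2.4.0"),               # WHM plugin, out of scope
    "web06.example.test": ("litespeed-user-end-cpanel-plugin", "v2.4.0-rc1"),
}

if __name__ == "__main__":
    for host in triage(SAMPLE_INVENTORY):
        print(f"AFFECTED {host} {SAMPLE_INVENTORY[host][1]}")
```

Hosts that come back as affected need the plugin updated (or Redis on/off handling disabled until they are) before the remediation date the post quotes; the script deliberately stops at identification and does not try to probe the JSON API itself.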