LiteSpeed has disclosed and patched a critical 0‑day privilege escalation flaw in its user-end cPanel plugin that is already being actively exploited to gain root access on Linux hosting servers. The bug is tracked as CVE‑2026‑48172 and affects LiteSpeed cPanel user-end plugin versions from v2.3 up to, but not including, v2.4.5. 0‑Day in LiteSpeed cPanel […]
The post LiteSpeed cPanel Plugin 0-Day Exploited in the wild to Gain Server Root Access appeared first on Cyber Security News.