CISA Urges Immediate Patching of Exploited LiteSpeed cPanel Plugin Zero-Day
Resolved last week, the vulnerability was exploited in the wild as a zero-day to execute scripts with root privileges. The post CISA Urges Immediate Patching of Exploited LiteSpeed cPanel Plugin Zero-Day appeared first on SecurityWeek.
CISA on Tuesday urged federal agencies to immediately patch a critical-severity vulnerability in the LiteSpeed user-end plugin for cPanel that has been exploited in the wild.
Tracked as CVE-2026-48172 (CVSS score of 9.8), the flaw is described as a privilege escalation issue that could allow attackers to execute arbitrary scripts with root privileges.
LiteSpeed resolved the security defect last week in version 2.4.5 of the user-end plugin, noting that it had been exploited in the wild as a zero-day. LiteSpeed’s WHM plugin is not affected, it said.
