{
  "title": "LiteSpeed cPanel Plugin CVE-2026-48172: Root Privilege Escalation",
  "summary": "CISA added LiteSpeed User-End cPanel Plugin CVE-2026-48172 to KEV on 2026-05-26 with a 2026-05-29 due date. NVD and LiteSpeed now provide exact advisory links, affected version bounds, and the vendor log-check command for redisAble exploitation.",
  "date": "2026-05-27",
  "severity": "critical",
  "tags": [
    "litespeed",
    "cpanel",
    "zero-day",
    "privilege-escalation",
    "cisa-kev"
  ],
  "sources_count": 5,
  "indicators": {
    "slug": "litespeed-cpanel-plugin-cve-2026-48172",
    "since": "2026-05-27T00:00:00Z",
    "until": "2026-05-27T23:59:59Z",
    "ecosystem": "",
    "cves": [
      "CVE-2026-48172"
    ],
    "cwes": [
      "CWE-266",
      "CWE-269"
    ],
    "advisoryIds": [],
    "products": [
      "User-End cPanel Plugin"
    ],
    "packages": [],
    "versions": [],
    "affectedVersions": [
      "2.3 <= LiteSpeed cPanel Plugin < 2.4.7",
      "LiteSpeed WHM Plugin < 5.3.1.0 may bundle an affected cPanel plugin"
    ],
    "fixedVersions": [
      "LiteSpeed WHM Plugin >= 5.3.1.0 (includes cPanel Plugin 2.4.7)"
    ],
    "files": [],
    "paths": [],
    "services": [],
    "domains": [],
    "urls": [],
    "ips": [],
    "hashes": [],
    "processPatterns": [],
    "networkPatterns": [],
    "telemetrySelectors": [
      "cpanel_jsonapi_func=redisAble",
      "redisAble",
      "lsws.redisAble"
    ]
  }
}