The Hacker News

LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root

CVE-2026-48172 lets cPanel users run scripts as root, affecting LiteSpeed plugin 2.3–2.4.4 and exposing servers.

Hackers are actively exploiting a bug in cPanel, used by millions of websites

Web hosts are scrambling to fix the bug under active attack by hackers. One company said hackers have been abusing the bug for months.

Hackers are still exploiting the cPanel bug to gain control of thousands of websites

Days after the disclosure of a critical vulnerability in popular web hosting software cPanel and WHM, hackers keep targeting and hacking websites.