Latest news

CVE-2026-54420: LiteSpeed cPanel Plugin Zero-Day Actively Exploited to Escalate Privileges to Root
Vulnerability

CVE-2026-54420: LiteSpeed cPanel Plugin Zero-Day Actively Exploited to Escalate Privileges to Root

16 June 2026 dark6

A critical actively exploited zero-day in the LiteSpeed cPanel user-end plugin (CVE-2026-54420) enables attackers to escalate privileges to root, breaking...
LiteSpeed cPanel Plugin Zero-Day (CVE-2026-48172) Actively Exploited to Gain Server Root Access
Vulnerability

LiteSpeed cPanel Plugin Zero-Day (CVE-2026-48172) Actively Exploited to Gain Server Root Access

23 May 2026 dark6

LiteSpeed has disclosed and patched a critical zero-day privilege escalation flaw (CVE-2026-48172) in its cPanel user-end plugin that is already...