CVE-2026-48172 | LiteSpeed User-End cPanel Plugin up to 2.4.4 /var/cpanel/logs cpanel_jsonapi_func privileges assignment

A vulnerability classified as very critical was found in LiteSpeed User-End cPanel Plugin up to 2.4.4. Affected by this vulnerability is the function cpanel_jsonapi_func of the file /var/cpanel/logs. The manipulation results in incorrect privilege assignment.

This vulnerability is known as CVE-2026-48172. It is possible to launch the attack remotely. No exploit is available.

Upgrading the affected component is advised.VulDB Recent EntriesRead More