All CosmicBytez Labs articles tagged #LiteSpeed, across news, security advisories, how-to guides, and projects.
CISA has added CVE-2026-54420, an actively exploited vulnerability in the LiteSpeed cPanel user-end plugin, to its Known Exploited Vulnerabilities catalog and given federal agencies three days to patch.
A high-severity symlink vulnerability in the LiteSpeed cPanel plugin (CVSS 8.5) allows users with FTP or web shell access to escape CloudLinux/CageFS isolation on shared hosting servers. Actively exploited since May 2026.
CISA's emergency directive gives federal agencies four days to patch the actively exploited LiteSpeed cPanel plugin flaw being weaponized in the wild.
CISA has added a LiteSpeed cPanel plugin zero-day to its Known Exploited Vulnerabilities catalog after active exploitation allowed attackers to execute scripts.
A maximum-severity vulnerability in the LiteSpeed User-End cPanel Plugin, tracked as CVE-2026-48172 with a CVSS score of 10.0, is under active...