LiteSpeed cPanel plugin RCE (CVE-2026-48172, CVSS 10.0) actively exploited — any cPanel user can run code as root
A privilege-escalation flaw in the LiteSpeed User-End cPanel plugin lets any cPanel account execute arbitrary scripts as root. Mass scanning began within 72 hours of disclosure.