U.S. CISA adds LiteSpeed cPanel Plugin flaw to its Known Exploited Vulnerabilities catalog

CISA added CVE-2026-48172 — a critical (CVSS 10.0) privilege-escalation flaw in the LiteSpeed cPanel user-end plugin (versions v2.3–v2.4.4) — to its Known Exploited Vulnerabilities catalog after active exploitation was observed; administrators are urged to apply emergency patches (upgrade to ≥v2.4.7), search cPanel logs for suspicious redis-related API calls using the provided grep command, review IP activity, and remediate by the CISA deadline.