Dossier
incorrect privilege assignment
Coverage of incorrect privilege assignment in the Nexus archive.
- LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root
A critical security vulnerability (CVE-2026-48172) in LiteSpeed User-End cPanel Plugin is being actively exploited, allowing attackers to execute arbitrary scripts with root privileges due to incorrect privilege assignment.