<img height="1" width="1" style="display: none" alt="" src="https://px.ads.linkedin.com/collect/?pid=1098858&amp;fmt=gif">

LiteSpeed cPanel Plugin Zero-Day Under Active Exploitation

Critical zero-day vulnerability in LiteSpeed cPanel plugin threatens global shared hosting; immediate update to version 2.4.8 is crucial.
Content Team

A critical zero-day vulnerability in the LiteSpeed cPanel user-end plugin is being actively exploited, threatening shared hosting environments globally. Tracked as CVE-2026-54420, the flaw lets attackers with limited access — like stolen FTP credentials — escalate privileges all the way to root, breaking tenant isolation and potentially exposing every site on a shared server.

Namecheap researchers discovered the issue after spotting suspicious API call patterns, specifically rapid concurrent chaining of the generateEcCert and packageUserSize functions. LiteSpeed patched it in cPanel plugin version 2.4.8 on June 1, 2026. Admins should update immediately or remove the user-end plugin as a stopgap.

Source: Cybersecurity News

Share this article
Share on facebook Share on linkedin Share on twitter Share on email
blog_book_a_demo_cta_3x
Have questions about protecting your software?
Our escrow experts are standing by to help.
Book a free demo