Cpanel Plugin
Monthly
Symlink mishandling in LiteSpeed cPanel Plugin before 2.4.8 (and the bundling LiteSpeed WHM PlugIn before 5.3.2.0) lets a low-privileged tenant on a shared CloudLinux/CageFS host escape their per-user filesystem jail by planting symlinks the plugin follows with elevated privileges. The CVE record states the flaw was exploited against shared hosting providers in May 2026, and CVSS 8.5 with Scope:Changed reflects cross-tenant compromise of other customers' files on the same server. No separate KEV listing or public POC is present in the provided intelligence.
Symlink mishandling in LiteSpeed cPanel Plugin before 2.4.8 (and the bundling LiteSpeed WHM PlugIn before 5.3.2.0) lets a low-privileged tenant on a shared CloudLinux/CageFS host escape their per-user filesystem jail by planting symlinks the plugin follows with elevated privileges. The CVE record states the flaw was exploited against shared hosting providers in May 2026, and CVSS 8.5 with Scope:Changed reflects cross-tenant compromise of other customers' files on the same server. No separate KEV listing or public POC is present in the provided intelligence.