A critical vulnerability in the LiteSpeed cPanel plugin is being actively exploited, allowing attackers to execute scripts with root-level privileges on affected systems. The flaw, tracked as CVE-2026-48172, poses a serious security risk as root access grants complete control over a server. System administrators running LiteSpeed with cPanel are urged to update immediately to prevent potential compromises.