PT-2026-25612 · Litespeed Technologies · Lsws Enterprise+1

Daisuke Nakayama

·

Published

2026-03-16

·

Updated

2026-03-16

·

CVE-2026-31386

CVSS v3.1
7.2
VectorAV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
An 8.6 CVSS flaw (CVE-2026-31386) in LiteSpeed Web Server editions allows OS command injection and system compromise. Restrict WebAdmin access immediately. #LiteSpeed #CVE #ServerSecurity #CyberSecurity #InfoSec #CommandInjection #WebHosting #OpenLiteSpeed https://t.co/sKxucJP2Yf https://t.co/92Ga1u2QgT

Fix

OS Command Injection

Weakness Enumeration

CWE-78

Related Identifiers

CVE-2026-31386

Affected Products

Lsws Enterprise
Openlitespeed