liblsquic/lsquic_qenc_hdl.c in LiteSpeed QUIC (aka LSQUIC) before 3.1.0 mishandles MAX_TABLE_CAPACITY.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HLitespeedtech Lsquic
APPLitespeedtech< 3.1.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
Related vulnerabilities
CVE-2024-25678CRITICAL9.8PL ✓ten sam produkt
Błędna walidacja DCID w bibliotece LiteSpeed QUIC (LSQUIC)
CVE-2025-54939MEDIUM5.3ten sam produkt
LiteSpeed QUIC (LSQUIC) Library before 4.3.1 has an lsquic_engine_packet_in memory leak.
CVE-2026-48172CRITICAL10.0⚠ KEVPL ✓ten sam vendor
LiteSpeed cPanel Plugin — privilege escalation (możliwe root) via Redis
CVE-2024-44000CRITICAL9.8PL ✓ten sam vendor
LiteSpeed Cache – nieuwierzytelnione przejęcie konta przez ujawnione dane logowania
CVE-2024-28000CRITICAL9.8PL ✓ten sam vendor
Privilege escalation bez uwierzytelnienia w LiteSpeed Cache dla WordPress