Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

LiteSpeed Web Server Missing Release of Memory after Effective Lifetime Vulnerability (CVE-2025-54939)

Description

LiteSpeed QUIC (LSQUIC) Library before 4.3.1 has an lsquic_engine_packet_in memory leak.

Remediation

References

Related Vulnerabilities

Chamilo Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2023-3533)

PHP Other Vulnerability (CVE-2007-1886)

WordPress Plugin MiniMax-Page Layout Builder Cross-Site Scripting (1.3.4)

WordPress Plugin Captcha by BestWebSoft Security Bypass (4.0.6)

Liferay DXP Other Vulnerability (CVE-2023-33946)

Severity

High

Classification

CVE-2025-54939 CWE-401 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities