CVE-2025-54939
MEDIUMLitespeedtech Litespeed Web Adc < 3.3.1 - Memory Leak
Title source: ruleDescription
LiteSpeed QUIC (LSQUIC) Library before 4.3.1 has an lsquic_engine_packet_in memory leak.
Exploits (1)
References (4)
Scores
CVSS v3
5.3
EPSS
0.0011
EPSS Percentile
29.2%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Classification
CWE
CWE-770
CWE-401
Status
published
Affected Products (4)
litespeedtech/litespeed_web_adc
< 3.3.1
litespeedtech/litespeed_web_server
< 6.3.4
litespeedtech/lsquic
< 4.3.1
litespeedtech/openlitespeed
< 1.8.4
Timeline
Published
Aug 01, 2025
Tracked Since
Feb 18, 2026