CVE-2025-54939

MEDIUM LAB

Litespeedtech Litespeed Web Adc < 3.3.1 - Memory Leak

Title source: rule

LiteSpeed QUIC (LSQUIC) Library before 4.3.1 has an lsquic_engine_packet_in memory leak.

nomisec WORKING POC

by yohannslm · poc

CVSS v3 5.3

EPSS 0.0018

EPSS Percentile 39.4%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

COMMUNITY

Community Lab

docker pull mariadb:11.4

docker pull bitnami/phpmyadmin:5.2.2

docker pull redis:alpine

View in Library

CWE

CWE-770 CWE-401

Status published

Products (4)

litespeedtech/litespeed_web_adc < 3.3.1

litespeedtech/litespeed_web_server < 6.3.4

litespeedtech/lsquic < 4.3.1

litespeedtech/openlitespeed < 1.8.4

Published Aug 01, 2025

Tracked Since Feb 18, 2026