Litespeed is vulnerable to apache http2 RCE?

[local@work]

Hello,

I want to make a question about our litespeed servers. Yesterday some patches released for apache 2.4.67 that have 2 high security vulnerabilities:

1st

Apache HTTP Server: http2: Double Free and possible RCE on early reset (CVE-2026-23918). Double Free and possible RCE vulnerability in Apache HTTP Server with the HTTP/2 protocol.

2nd

An escalation-of-privilege bug in various modules in Apache HTTP Server 2.4.66 and earlier allows local .htaccess authors to read files with the privileges of the httpd user. CVE-2026-24072

Our cPanel installations with litespeed (latest version 6.3.5 (build 5)) as main web server have those (or similar) vulnerabilities or we safe?

Thank you.

 

[abk]

LSWS is not affected by both of these CVEs.