A vulnerability was found in litespeedtech LiteSpeed QUIC up to 4.3.0. It has been declared as problematic. This vulnerability affects the function lsquic_engine_packet_in. The manipulation leads to allocation of resources.

This vulnerability was named CVE-2025-54939. The attack can be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.