CISA Adds Exploited Magento RCE Flaw CVE-2026-45247 to KEV Catalog

CISA has added CVE-2026-45247, a critical remote code execution vulnerability in Mirasvit Cache Warmer for Magento, to its Known Exploited Vulnerabilities catalog. The flaw, which has a CVSS score of 9.8, involves deserialization of untrusted data and is being actively exploited in the wild, posing significant risk to e-commerce platforms using this popular full-page cache extension.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical flaw impacting Mirasvit Cache Warmer, a popular Magento full-page cache extension, to its Known Exploited Vulnerabilities (KEV) catalog, following reports of active exploitation in the wild. The vulnerability, tracked as CVE-2026-45247 (CVSS score: 9.8), is a case of deserialization of untrusted

Originally published at thehackernews.com

#Cisa #Cve-2026-45247 #Cybersecurity #Magento #Malware #Remote Code Execution #Vulnerabilities

CISA Adds Exploited Magento RCE Flaw CVE-2026-45247 to KEV Catalog

Talk to an architect about applying this to your stack.

More from the journal

Hackers Spied on a Stock Exchange Executive's Outlook Mailbox for Five Months

Fake Sites Mimicking Open-Source Tools Rank High on Google to Deliver Malware via TDS

DoJ Disrupts Southeast Asia Crypto Fraud Networks, Freezes $3.8 Million in Assets