Ethical Hacking News
U.S. CISA Adds Mirasvit Full Page Cache Warmer Flaw to its Known Exploited Vulnerabilities Catalog: A Critical PHP Object Injection Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical PHP object injection vulnerability, CVE-2026-45247, affecting Mirasvit Full Page Cache Warmer for Magento 2, to its Known Exploited Vulnerabilities catalog. This move aims to provide timely warnings about known exploited vulnerabilities and help mitigate potential risks to national security. Organizations are advised to review the KEV catalog and patch the identified weakness to prevent exploitation attempts.
The United States Cybersecurity and Infrastructure Security Agency (CISA) has added the Mirasvit Full Page Cache Warmer flaw to its Known Exploited Vulnerabilities (KEV) catalog. The vulnerability, CVE-2026-45247, is a critical PHP object injection vulnerability affecting Mirasvit Full Page Cache Warmer for Magento 2 before version 1.11.12. Unauthenticated attackers can exploit the vulnerability for remote code execution, potentially gaining full control of the affected server. Thousands of Magento stores may be affected by this vulnerability, and researchers estimate that a single crafted cookie on any storefront page can lead to remote code execution. The U.S. CISA has issued guidelines for federal agencies to address the identified vulnerabilities by June 6, 2026. Private organizations are advised to review the KEV catalog and address the vulnerabilities in their infrastructure to prevent potential security breaches. Public exploit code for this vulnerability has emerged, which may encourage malicious actors to target affected servers.
The United States Cybersecurity and Infrastructure Security Agency (CISA) has taken a proactive step in enhancing the cybersecurity posture of federal agencies by adding the Mirasvit Full Page Cache Warmer flaw, tracked as CVE-2026-45247, to its Known Exploited Vulnerabilities (KEV) catalog. This move is part of CISA's efforts to provide timely warnings about known exploited vulnerabilities and help mitigate potential risks to national security.
The Mirasvit Full Page Cache Warmer flaw is a critical PHP object injection vulnerability affecting Mirasvit Full Page Cache Warmer for Magento 2 before version 1.11.12. This vulnerability allows unauthenticated attackers to send a specially crafted serialized PHP object through the CacheWarner cookie, which is processed by an unsafe call to PHP's unserialize() function. By leveraging gadget chains present in Magento and its dependencies, attackers can achieve remote code execution, potentially gaining full control of the affected server.
The discovery of this vulnerability was attributed to Sansec researchers, who pointed out that a single crafted cookie on any storefront page can lead to remote code execution. The experts noted that the plugin runs on every storefront request, expanding the attack surface and increasing the risk of exploitation. Researchers estimate that thousands of Magento stores may be affected by this vulnerability.
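As an added example (not code from Mirasvit, Sansec or CISA), the following Python check flags Cookie headers in which the cookie named above carries a serialized PHP object, the input that the unsafe unserialize() call would process. It assumes the value may arrive raw, URL-encoded or base64-encoded, which this page does not specify; the function names and sample headers are constructed for illustration.

```python
import base64
import binascii
import re
from urllib.parse import unquote

# Cookie name as spelled on this page; adjust it to what your own logs show.
COOKIE_NAME = "CacheWarner"

# PHP's serialize() writes an object as O:<len>:"<Class>":<count>:{ and a
# Serializable object as C:<len>:"<Class>":<len>:{ ; plain scalars and arrays
# contain no such token.
PHP_OBJECT = re.compile(r'(?:^|;)[OC]:\d+:"[A-Za-z_\\][\w\\]*":\d+:\{')


def candidate_decodings(raw):
    """Yield the value as sent, URL-decoded, and base64-decoded (assumed encodings)."""
    for text in dict.fromkeys((raw, unquote(raw))):
        yield text
        try:
            padded = text + "=" * (-len(text) % 4)
            yield base64.b64decode(padded, validate=True).decode("utf-8", "replace")
        except (binascii.Error, ValueError):
            pass  # not base64, nothing more to inspect for this form


def cookie_has_php_object(cookie_header, name=COOKIE_NAME):
    """True if the named cookie in a Cookie header carries a serialized PHP object."""
    for part in cookie_header.split(";"):
        key, _, value = part.strip().partition("=")
        if key.lower() == name.lower() and any(
            PHP_OBJECT.search(text) for text in candidate_decodings(value)
        ):
            return True
    return False


if __name__ == "__main__":
    # Constructed Cookie headers; stdClass with no properties is an inert marker.
    marker = 'O:8:"stdClass":0:{}'
    samples = [
        "PHPSESSID=abc123; CacheWarner=1",
        "CacheWarner=" + marker,
        "CacheWarner=O%3A8%3A%22stdClass%22%3A0%3A%7B%7D",
        "CacheWarner=" + base64.b64encode(marker.encode()).decode(),
    ]
    for header in samples:
        print(cookie_has_php_object(header), header)
```

A match is a reason to inspect the request and the server, not proof of compromise; the check is only useful where Cookie headers are actually captured, for example in WAF or reverse-proxy logs.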
The U.S. CISA has issued guidelines for federal agencies to address the identified vulnerabilities by the due date. According to the Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities, FCEB agencies have to fix the vulnerability by June 6, 2026, to protect their networks against attacks exploiting the flaws in the catalog.
In addition to this notice from CISA, experts recommend that private organizations review the KEV catalog and address the vulnerabilities in their infrastructure. This proactive approach can help prevent potential security breaches and minimize the impact of exploitation attempts.
Furthermore, public exploit code for this vulnerability has emerged, which may encourage malicious actors to target affected servers. As a result, it is essential for system administrators and web developers to take immediate action to patch the Mirasvit Full Page Cache Warmer flaw and implement security measures to prevent exploitation.
The addition of CVE-2026-45247 to the KEV catalog highlights the importance of vulnerability disclosure and the need for proactive cybersecurity measures. By staying informed about known exploited vulnerabilities, organizations can take steps to mitigate potential risks and protect their networks against sophisticated attacks.
In conclusion, the U.S. CISA's decision to add the Mirasvit Full Page Cache Warmer flaw to its Known Exploited Vulnerabilities catalog serves as a reminder of the importance of cybersecurity awareness and proactive vulnerability management. By staying informed about known exploited vulnerabilities and taking steps to patch identified weaknesses, organizations can significantly reduce the risk of security breaches.
Related Information:
https://www.ethicalhackingnews.com/articles/US-CISA-Adds-Mirasvit-Full-Page-Cache-Warmer-Flaw-to-its-Known-Exploited-Vulnerabilities-Catalog-A-Critical-PHP-Object-Injection-Vulnerability-ehn.shtml
https://securityaffairs.com/193156/security/u-s-cisa-adds-mirasvit-full-page-cache-warmer-flaw-to-its-known-exploited-vulnerabilities-catalog.html
https://nvd.nist.gov/vuln/detail/CVE-2026-45247
https://www.cvedetails.com/cve/CVE-2026-45247/
Published: Thu Jun 4 12:40:36 2026 by llama3.2 3B Q4_K_M