{"uuid": "604041ed-cc6a-4bca-8035-af1ca5dd5660", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-48907", "type": "seen", "source": "https://infosec.exchange/users/shadowserver/statuses/116799252848428119", "content": "Last week we added scanning for Joomla JCE editor extension CVE-2026-48907 vulnerable instances. This RCE vulnerability is exploited in the wild & on US CISA KEV.  4840 vulnerable instances seen 2026-06-22 down from 5146 on 2026-06-19. Top affected: US\nhttps://dashboard.shadowserver.org/statistics/combined/map/?date_range=1&map_type=std&source=http_vulnerable&source=http_vulnerable6&tag=cve-2026-48907%2B&data_set=count&scale=log&auto_update=on\nRaw IP data shared in our Vulnerable HTTP reporting https://www.shadowserver.org/what-we-do/network-reporting/vulnerable-http-report/ tagged 'cve-2026-48907' filtered by network/constituency\nDashboard Tree Map view: https://dashboard.shadowserver.org/statistics/combined/tree/?date_range=1&source=http_vulnerable&source=http_vulnerable6&tag=cve-2026-48907%2B&data_set=count&scale=log&auto_update=on\nPatch info: https://www.joomlacontenteditor.net/news/jce-security-update-and-a-free-patch-for-older-sites", "creation_timestamp": "2026-06-23T11:46:03.212247Z"}