{"vulnerability": "CVE-2026-4890", "sightings": [{"uuid": "c968d7ce-288a-401f-b152-866a78cfdd6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4890", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mllwemsz4v2c", "content": "CVE-2026-4890 - CVE-2026-4890\nCVE ID : CVE-2026-4890\n \n Published : May 11, 2026, 6:16 p.m. | 14\u00a0minutes ago\n \n Description : A Denial of Service (DoS) vulnerability in the DNSSEC validation of dnsmasq allows remote attackers to cause a denial of service via a crafted DNS pack...", "creation_timestamp": "2026-05-11T18:40:38.404333Z"}, {"uuid": "30e44614-c375-4fce-8fc8-8cbce9234d16", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4890", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mlnhr2mtcj2s", "content": "\ud83d\udfe0 CVE-2026-4890 - High (7.5)\n\nA Denial of Service (DoS) vulnerability in the DNSSEC validation of dnsmasq allows remote attacke...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-4890/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-12T09:24:29.695016Z"}, {"uuid": "35baac01-8d73-4b06-9e94-cb2aa9a673be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2026-4890", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/bb20f34e-4314-42f2-8e6b-cb2c917339bc", "content": "", "creation_timestamp": "2026-05-13T12:31:36.904766Z"}, {"uuid": "8a5424c0-663d-4e3a-8dd0-bb6e54e13638", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48906", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmtna4mrm42c", "content": "CVE-2026-48906 - Extension - tassos.gr - Arbitrary File Deletion in Novarain/Tassos Framework\nCVE ID : CVE-2026-48906\n \n Published : May 27, 2026, 11:16 a.m. | 48\u00a0minutes ago\n \n Description : The vulnerability in the Tassos Framework Plugin allows users to delete arbitrary fil...", "creation_timestamp": "2026-05-27T13:43:52.627299Z"}, {"uuid": "8aa88a6f-25b7-4a2d-9139-4cfac01e8187", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48900", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mmtq56q4l22q", "content": "\ud83d\udd17 CVE : CVE-2026-48896, CVE-2026-48897, CVE-2026-48898, CVE-2026-48899, CVE-2026-48900, CVE-2026-48901, CVE-2026-48902, CVE-2026-48903, CVE-2026-48904, CVE-2026-48905", "creation_timestamp": "2026-05-27T14:35:36.791006Z"}, {"uuid": "2f0e2d39-9bc1-4976-8a37-5117d8d0900b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48901", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mmtq56q4l22q", "content": "\ud83d\udd17 CVE : CVE-2026-48896, CVE-2026-48897, CVE-2026-48898, CVE-2026-48899, CVE-2026-48900, CVE-2026-48901, CVE-2026-48902, CVE-2026-48903, CVE-2026-48904, CVE-2026-48905", "creation_timestamp": "2026-05-27T14:35:36.916754Z"}, {"uuid": "bc06b77f-efa8-4bb8-8f3e-d887816d054a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48902", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mmtq56q4l22q", "content": "\ud83d\udd17 CVE : CVE-2026-48896, CVE-2026-48897, CVE-2026-48898, CVE-2026-48899, CVE-2026-48900, CVE-2026-48901, CVE-2026-48902, CVE-2026-48903, CVE-2026-48904, CVE-2026-48905", "creation_timestamp": "2026-05-27T14:35:37.054620Z"}, {"uuid": "f8c308d3-946f-4a46-91a4-b0e5fa7fc5d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48903", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mmtq56q4l22q", "content": "\ud83d\udd17 CVE : CVE-2026-48896, CVE-2026-48897, CVE-2026-48898, CVE-2026-48899, CVE-2026-48900, CVE-2026-48901, CVE-2026-48902, CVE-2026-48903, CVE-2026-48904, CVE-2026-48905", "creation_timestamp": "2026-05-27T14:35:37.214635Z"}, {"uuid": "70b6fdf9-5483-4814-9e5e-7377c0a92a1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48904", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mmtq56q4l22q", "content": "\ud83d\udd17 CVE : CVE-2026-48896, CVE-2026-48897, CVE-2026-48898, CVE-2026-48899, CVE-2026-48900, CVE-2026-48901, CVE-2026-48902, CVE-2026-48903, CVE-2026-48904, CVE-2026-48905", "creation_timestamp": "2026-05-27T14:35:37.380442Z"}, {"uuid": "8295eea1-1c8d-40a1-8a4f-7c22150a85de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48905", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mmtq56q4l22q", "content": "\ud83d\udd17 CVE : CVE-2026-48896, CVE-2026-48897, CVE-2026-48898, CVE-2026-48899, CVE-2026-48900, CVE-2026-48901, CVE-2026-48902, CVE-2026-48903, CVE-2026-48904, CVE-2026-48905", "creation_timestamp": "2026-05-27T14:35:37.802197Z"}, {"uuid": "7c774fdc-95db-4f83-be5e-6402029a2adb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mnjqzbo4aw2q", "content": "CVE-2026-48907 - Joomla Extension - joomlacontenteditor.net - Remote Code Execution in JCE extension for Joomla\nCVE ID : CVE-2026-48907\n \n Published : June 5, 2026, 8:16 a.m. | 16\u00a0minutes ago\n \n Description : A vulnerability in the JCE editor extension for Joomla allows the cr...", "creation_timestamp": "2026-06-05T08:49:52.768446Z"}, {"uuid": "2c752e5e-0b1c-4309-9f6a-27402122a5cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mnjqzbo4aw2q", "content": "CVE-2026-48907 - Joomla Extension - joomlacontenteditor.net - Remote Code Execution in JCE extension for Joomla\nCVE ID : CVE-2026-48907\n \n Published : June 5, 2026, 8:16 a.m. | 16\u00a0minutes ago\n \n Description : A vulnerability in the JCE editor extension for Joomla allows the cr...", "creation_timestamp": "2026-06-05T08:49:52.767565Z"}, {"uuid": "4ffc6e37-b1ef-4097-95f9-254c07c47c10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-48907", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116696680833602850", "content": "\ud83d\udea8 CRITICAL: Joomla Content Editor (JCE) vuln (CVE-2026-48907) allows unauthenticated PHP upload &amp; exec (v1.0.0 \u2013 2.9.99.4). No patch yet \u2014 restrict or disable JCE &amp; monitor systems. Details: https://radar.offseq.com/threat/cve-2026-48907-cwe-284-improper-access-control-in--ff15bdc3 #OffSeq #Joomla #Vuln #InfoSec", "creation_timestamp": "2026-06-05T09:00:38.352983Z"}, {"uuid": "d9f7b01a-0eb7-43c8-8ec7-9174455b385e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-48907", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mnjrmkgh2423", "content": "Joomla Content Editor (JCE) CRITICAL vuln lets unauth users upload &amp; run PHP (v1.0.0 \u2013 2.9.99.4). No patch yet \u2014 restrict or disable JCE + monitor activity. Stay updated: https://radar.offseq.com/threat/cve-2026-48907-cwe-284-improper-access-control-in--ff15bdc3 #OffSeq #Joomla #SecurityAlert", "creation_timestamp": "2026-06-05T09:00:39.902780Z"}, {"uuid": "75ff94c7-b57c-4db5-a91b-b18ffc562869", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-48907", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mnjrmkgh2423", "content": "Joomla Content Editor (JCE) CRITICAL vuln lets unauth users upload &amp; run PHP (v1.0.0 \u2013 2.9.99.4). No patch yet \u2014 restrict or disable JCE + monitor activity. Stay updated: https://radar.offseq.com/threat/cve-2026-48907-cwe-284-improper-access-control-in--ff15bdc3 #OffSeq #Joomla #SecurityAlert", "creation_timestamp": "2026-06-05T09:00:39.901516Z"}, {"uuid": "77ba11c9-dd08-4b44-881a-d31629e80f87", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2026/CVE-2026-48907.yaml", "content": "", "creation_timestamp": "2026-06-11T15:38:57.000000Z"}, {"uuid": "6e7da8eb-ecaa-4cc9-b4bd-6755e44a67b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/undercode.bsky.social/post/3mod2vypzwg22", "content": "CVE-2026-48907 (CVSS 100): The Unauthenticated RCE That Turns Your Joomla Site into a Pwned Statistic +\u00a0Video\n\nIntroduction: A new zero\u2011click Remote Code Execution (RCE) vulnerability has been discovered in the popular Joomla Content Editor (JCE) extension. Tracked as CVE\u20112026\u201148907 and carrying a\u2026", "creation_timestamp": "2026-06-15T10:23:34.069509Z"}, {"uuid": "abe88bc5-c055-4d63-ad53-c7f0a1f6cfac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://www.acn.gov.it/portale/w/joomla-jce-sfruttamento-attivo-in-rete-della-cve-2026-48907", "content": "Rilevato sfruttamento attivo in rete della CVE-2026-48907 \u2013 gi\u00e0 sanata dal vendor \u2013 presente nel plugin Joomla Content Editor (JCE) estensione per il noto CMS Joomla! utilizzata per la gestione avanzata dei contenuti, Tale vulnerabilit\u00e0, qualora sfruttata, potrebbe consentire ad un utente malintenzionato remoto di eseguire codice arbitrario sui sistemi interessati.", "creation_timestamp": "2026-06-15T11:32:15.000000Z"}, {"uuid": "e1ada4c7-b083-447a-b53c-efd5a5ba9682", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/cvesentinel.bsky.social/post/3mogkt2xx362u", "content": "\ud83d\uded1 CVE-2026-48907\nWidget Factory Joomla Content Editor\nCVSS 10.0 / EPSS 1% / KEV \u2705\nTL;DR: A vulnerability in the JCE editor extension for Joomla allows the creat\u2026\nhttps://cvesentinel.com/report/CVE-2026-48907?utm_source=bluesky&amp;utm_medium=social&amp;utm_campaign=cvesentinel\n#infosec #CVE #vulnerability", "creation_timestamp": "2026-06-16T19:46:14.387856Z"}, {"uuid": "f99098c7-a2d3-4114-be78-1866ace92fb9", "vulnerability_lookup_origin": "405284c2-e461-4670-8979-7fd2c9755a60", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/b71394c1-e100-4ea5-9f11-216c0892d268", "content": "", "creation_timestamp": "2026-06-16T20:00:01.385475Z"}, {"uuid": "29e14271-14a8-4754-9fc4-a196849370e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/secdb.bsky.social/post/3mogoxjqp6j2k", "content": "\ud83d\udea8 CISA Adds One Known Exploited Vulnerability to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0616)\n\n\u26a0\ufe0f CVE-2026-48907 - Widget Factory Joomla Content Editor Improper Access Control Vulnerability\n\n\n#ZEN #SecDB #InfoSec #CISA_KEV", "creation_timestamp": "2026-06-16T21:00:18.882316Z"}, {"uuid": "1921f669-6a0a-4b81-96ff-bc620e134365", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/thedailytechfeed.com/post/3mohosgpgxs24", "content": "CISA warns of active exploitation of Joomla JCE vulnerability CVE-2026-48907; update to version 2.9.99.5 now. #Cybersecurity #Joomla #CISA #Vulnerability #PHP #CMS thedailytechfeed.com/cisa-alerts-...", "creation_timestamp": "2026-06-17T06:30:08.689925Z"}, {"uuid": "fba7ff49-102b-4845-b96c-d0395d9a4b11", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3mohoxuuzhd2v", "content": "CISA\u304c\u65e2\u77e5\u306e\u60aa\u7528\u3055\u308c\u305f\u8106\u5f31\u6027\u30921\u4ef6\u30ab\u30bf\u30ed\u30b0\u306b\u8ffd\u52a0 \n\nCISA Adds One Known Exploited Vulnerability to Catalog  #CISA (Jun 16)\n\nCVE-2026-48907 Widget Factory Joomla\u30b3\u30f3\u30c6\u30f3\u30c4\u30a8\u30c7\u30a3\u30bf\u30fc\u306e\u4e0d\u9069\u5207\u306a\u30a2\u30af\u30bb\u30b9\u5236\u5fa1\u306e\u8106\u5f31\u6027 \n\nwww.cisa.gov/news-events/...", "creation_timestamp": "2026-06-17T06:33:10.225340Z"}, {"uuid": "7812cb5b-d5bb-41cb-a83c-04fc8f074b9b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://thehackernews.com/2026/06/cisa-warns-of-actively-exploited-joomla.html", "content": "The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a maximum-severity security flaw impacting Widget Factory Joomla Content Editor (JCE) to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.\n\nThe vulnerability, tracked as CVE-2026-48907 (CVSS score: 10.0), is a case of improper access control that could facilitate arbitrary", "creation_timestamp": "2026-06-17T03:50:46.000000Z"}, {"uuid": "857e3d31-95f4-4c42-a1bc-a988ec53b93a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mohx74eegi2l", "content": "Joomla JCE CVE-2026-48907 and LiteSpeed cPanel CVE-2026-54420 are being actively exploited, enabling file uploads, PHP execution, and possible root escalation on shared hosting servers. #Joomla #LiteSpeed #CISA", "creation_timestamp": "2026-06-17T09:00:23.896971Z"}, {"uuid": "8c38ce12-9dc7-414b-a1f5-8531c987f339", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3mohsppl7pam2", "content": "CISA Warns of Actively Exploited Joomla JCE Flaw Allowing PHP Code Execution TheHackerNews CISA added CVE-2026-48907 in Joomla JCE to its KEV catalog after active exploitation; fixes are due by Jun...\n\n#Security #News\n\nOrigin | Interest | Match", "creation_timestamp": "2026-06-17T07:41:20.325740Z"}, {"uuid": "2d7320f2-9f86-4573-8fe0-50a51bbbd253", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/postac001.bsky.social/post/3mohvil276i2h", "content": "Joomla JCE\u306bPHP\u30b3\u30fc\u30c9\u5b9f\u884c\u3092\u8a31\u3059\u8106\u5f31\u6027(CVE-2026-48907)\u304c\u767a\u898b\u3055\u308c\u3001CISA\u304c\u6ce8\u610f\u559a\u8d77\u3002\u60aa\u7528\u304c\u78ba\u8a8d\u3055\u308c\u3066\u3044\u308b\u3002", "creation_timestamp": "2026-06-17T08:29:53.827874Z"}, {"uuid": "68a5ef0e-22cd-469d-ba9f-7e9d975a7c12", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/rxerium.com/post/3moi6zikyzp2k", "content": "\ud83d\udea8 Critical improper access control vulnerability tagged CVE-2026-48907, affecting Joomla Content Editor is seeing active exploitation in the wild (reported by CISA)\n\nVulnerability detection script:\ngithub.com/rxerium/rxer...\n\nPatches and mitigations:\nwww.sentinelone.com/vulnerabilit...", "creation_timestamp": "2026-06-17T11:20:26.070487Z"}, {"uuid": "8f969ee7-97ac-4506-bd0a-165bb98c0ab2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/iberianm.bsky.social/post/3moibayxngn24", "content": "Joomla Widget Factory JCE: CISA lists CVE-2026-48907 (CVSS 10.0) as actively exploited. Patch immediately and review for PHP code execution attempts. #Cybersecurity #Vulnerability #ThreatIntel\n\nSource: https://thehackernews.com/2026/06/cisa-warns-of-actively-exploited-joomla.html", "creation_timestamp": "2026-06-17T12:00:57.090849Z"}, {"uuid": "3ba0b8f9-85a8-4f56-a4b4-975d1f729297", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/alphahunt.io/post/3moidu2x2tc2d", "content": "Forecast: expect more AI package-ecosystem targeting: account takeovers, poisoned postinstall hooks, helper-package compromises. KEV side-note: patch exposed Joomla/JCE CVE-2026-48907 now. Refs: Microsoft X, Mastra incident report, Endor Labs, CISA KEV.", "creation_timestamp": "2026-06-17T12:46:52.010098Z"}, {"uuid": "3613b729-9507-4279-9db8-71565aa35188", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/alphahunt.io/post/3moidu2xbo22d", "content": "Forecast: expect more AI package-ecosystem targeting: account takeovers, poisoned postinstall hooks, helper-package compromises. KEV side-note: patch exposed Joomla/JCE CVE-2026-48907 now. Refs: Microsoft X, Mastra incident report, Endor Labs, CISA KEV.", "creation_timestamp": "2026-06-17T12:46:53.143029Z"}, {"uuid": "5ba52d4b-5e13-4ef9-9e62-7557ec20380b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/alphahunt.io/post/3moidu2xcnc2d", "content": "Forecast: expect more AI package-ecosystem targeting: account takeovers, poisoned postinstall hooks, helper-package compromises. KEV side-note: patch exposed Joomla/JCE CVE-2026-48907 now. Refs: Microsoft X, Mastra incident report, Endor Labs, CISA KEV.", "creation_timestamp": "2026-06-17T12:46:54.235120Z"}, {"uuid": "74bc999d-01fe-436b-8e2a-67f85581ce21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/alphahunt.io/post/3moidu2xcnd2d", "content": "Forecast: expect more AI package-ecosystem targeting: account takeovers, poisoned postinstall hooks, helper-package compromises. KEV side-note: patch exposed Joomla/JCE CVE-2026-48907 now. Refs: Microsoft X, Mastra incident report, Endor Labs, CISA KEV.", "creation_timestamp": "2026-06-17T12:46:55.385274Z"}, {"uuid": "cf1b9f58-32bf-4598-8e50-791b2d56ec47", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/alphahunt.io/post/3moidu2xelt2d", "content": "Forecast: expect more AI package-ecosystem targeting: account takeovers, poisoned postinstall hooks, helper-package compromises. KEV side-note: patch exposed Joomla/JCE CVE-2026-48907 now. Refs: Microsoft X, Mastra incident report, Endor Labs, CISA KEV.", "creation_timestamp": "2026-06-17T12:46:56.483859Z"}, {"uuid": "f04bd0eb-6fd9-4a2a-b9e2-f17b247de07a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/thecybermind.co/post/3moiq64m53y2u", "content": "URGENT: CVE-2026-48907 is seeing active exploitation in Joomla! JCE extensions. This critical RCE flaw allows unauthenticated attackers to take full control. Read our executive remediation brief to harden your environment now.\nhttps://thecybermind.co/ic6z\n#CyberSecurity #Joomla #Infosec #KEV", "creation_timestamp": "2026-06-17T16:27:13.799834Z"}, {"uuid": "be64f704-adb9-46ff-9930-ca1f047f036a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3moir6ocvvy2n", "content": "CISA ordered federal agencies to patch CVE-2026-48907 by Friday. The max-severity JCE plugin flaw in Joomla can let attackers upload and run PHP code. Fix: JCE Pro 2.9.99.6. #Joomla #CISA #JCE", "creation_timestamp": "2026-06-17T16:45:26.381952Z"}, {"uuid": "9ee4d054-3a56-4d23-aa5d-e345acd12d6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/cesnet-certs.mastodonczech.cz.ap.brid.gy/post/3moiyu6gmju42", "content": "[[TLP:CLEAR] JCE opravuje kritickou aktivn\u011b zneu\u017e\u00edvanou zranitelnost]\n\nCISA za\u0159adila kritickou zranitelnost (CVE-2026-48907) v Joomla Content Editor (JCE) do katalogu aktivn\u011b zneu\u017e\u00edvan\u00fdch zranitelnost\u00ed \u2b07\ufe0f. Skript pro PoC naleznete na \u2b07\ufe0f.\n\nOdkaz na webovou verzi cel\u00e9ho reportu [\u2026]", "creation_timestamp": "2026-06-17T19:02:48.253975Z"}, {"uuid": "2c1c3b84-5807-403b-993d-c907dac79228", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/thecybermind.co/post/3moj6czenx42m", "content": "Alert: CVE-2026-48907. A severe access control flaw in Widget Factory Joomla Content Editor allows unauthenticated PHP script execution. Lock down your CMS. Read our tactical engineering runbook for full IOCs and endpoint hardening steps. https://thecybermind.co/unjv\n\n\ud83d\udee1\ufe0f #CyberSecurity #CVE\u2026", "creation_timestamp": "2026-06-17T20:40:30.487888Z"}, {"uuid": "c40c7860-bd69-4560-aa63-2cc7020a13dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mojaburz2e2b", "content": "1/ \u26a0\ufe0f Joomla JCE CVE-2026-48907 just hit CISA's KEV list with a PERFECT 10.0 score. No auth needed. Attackers upload PHP shells and own your server. Botnets already scanning. Update JCE to 2.9.99.5 right now.", "creation_timestamp": "2026-06-17T21:15:40.330176Z"}, {"uuid": "6fbc5272-84ea-436b-a560-df9a70b9ee03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mojabus7v42b", "content": "1/ \u26a0\ufe0f Joomla JCE CVE-2026-48907 just hit CISA's KEV list with a PERFECT 10.0 score. No auth needed. Attackers upload PHP shells and own your server. Botnets already scanning. Update JCE to 2.9.99.5 right now.", "creation_timestamp": "2026-06-17T21:15:40.875813Z"}, {"uuid": "4645e685-08f5-476b-a8c6-6ce314574a00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mojabusbtm2b", "content": "1/ \u26a0\ufe0f Joomla JCE CVE-2026-48907 just hit CISA's KEV list with a PERFECT 10.0 score. No auth needed. Attackers upload PHP shells and own your server. Botnets already scanning. Update JCE to 2.9.99.5 right now.", "creation_timestamp": "2026-06-17T21:15:41.409008Z"}, {"uuid": "784192cb-a639-476d-9fff-8c2e7b2a881b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mojabuscsu2b", "content": "1/ \u26a0\ufe0f Joomla JCE CVE-2026-48907 just hit CISA's KEV list with a PERFECT 10.0 score. No auth needed. Attackers upload PHP shells and own your server. Botnets already scanning. Update JCE to 2.9.99.5 right now.", "creation_timestamp": "2026-06-17T21:15:41.930656Z"}, {"uuid": "6d23e02a-e4ea-431e-98cf-6f186bd8d2c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mojabusds42b", "content": "1/ \u26a0\ufe0f Joomla JCE CVE-2026-48907 just hit CISA's KEV list with a PERFECT 10.0 score. No auth needed. Attackers upload PHP shells and own your server. Botnets already scanning. Update JCE to 2.9.99.5 right now.", "creation_timestamp": "2026-06-17T21:15:42.536635Z"}, {"uuid": "89f06e64-d2a7-41bc-8c7b-c10d30832f16", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mojabusere2b", "content": "1/ \u26a0\ufe0f Joomla JCE CVE-2026-48907 just hit CISA's KEV list with a PERFECT 10.0 score. No auth needed. Attackers upload PHP shells and own your server. Botnets already scanning. Update JCE to 2.9.99.5 right now.", "creation_timestamp": "2026-06-17T21:15:43.068487Z"}, {"uuid": "30c26aa0-4255-466d-8351-829433c61aa0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mojabushp42b", "content": "1/ \u26a0\ufe0f Joomla JCE CVE-2026-48907 just hit CISA's KEV list with a PERFECT 10.0 score. No auth needed. Attackers upload PHP shells and own your server. Botnets already scanning. Update JCE to 2.9.99.5 right now.", "creation_timestamp": "2026-06-17T21:15:43.602390Z"}, {"uuid": "e99e17f3-bca3-4fb2-be8f-275d5eb5634b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mojabushp52b", "content": "1/ \u26a0\ufe0f Joomla JCE CVE-2026-48907 just hit CISA's KEV list with a PERFECT 10.0 score. No auth needed. Attackers upload PHP shells and own your server. Botnets already scanning. Update JCE to 2.9.99.5 right now.", "creation_timestamp": "2026-06-17T21:15:44.144872Z"}, {"uuid": "752f28e4-f4fc-4168-9f51-59a09ec51ad6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mojabusiof2b", "content": "1/ \u26a0\ufe0f Joomla JCE CVE-2026-48907 just hit CISA's KEV list with a PERFECT 10.0 score. No auth needed. Attackers upload PHP shells and own your server. Botnets already scanning. Update JCE to 2.9.99.5 right now.", "creation_timestamp": "2026-06-17T21:15:44.770224Z"}, {"uuid": "a622d88a-9c00-470c-b6f9-fc16e8fbbde5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mokzz3gfzf2b", "content": "5/ \u26a0\ufe0f Joomla CVE-2026-48907 CVSS 10.0 \u2014 CISA just added it to the Known Exploited Vulnerabilities list. Unauthenticated PHP code execution. If you run Joomla, patch it now. Today. Not this week. TODAY.", "creation_timestamp": "2026-06-18T14:28:42.655264Z"}, {"uuid": "75895b36-3960-4e4f-a93d-b8e1a46b2afb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mokzz3gmu52b", "content": "5/ \u26a0\ufe0f Joomla CVE-2026-48907 CVSS 10.0 \u2014 CISA just added it to the Known Exploited Vulnerabilities list. Unauthenticated PHP code execution. If you run Joomla, patch it now. Today. Not this week. TODAY.", "creation_timestamp": "2026-06-18T14:28:43.693974Z"}, {"uuid": "f5c896a2-f446-4dd7-b8dc-a4bbd1513df9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mokzz3gntf2b", "content": "5/ \u26a0\ufe0f Joomla CVE-2026-48907 CVSS 10.0 \u2014 CISA just added it to the Known Exploited Vulnerabilities list. Unauthenticated PHP code execution. If you run Joomla, patch it now. Today. Not this week. TODAY.", "creation_timestamp": "2026-06-18T14:28:44.846917Z"}, {"uuid": "d0ea7159-2b11-4312-82d6-cc2bb993c540", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mokzz3gosn2b", "content": "5/ \u26a0\ufe0f Joomla CVE-2026-48907 CVSS 10.0 \u2014 CISA just added it to the Known Exploited Vulnerabilities list. Unauthenticated PHP code execution. If you run Joomla, patch it now. Today. Not this week. TODAY.", "creation_timestamp": "2026-06-18T14:28:45.909498Z"}, {"uuid": "48dbcdf9-5a54-477e-a825-fdd93db4bd4d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mokzz3gprv2b", "content": "5/ \u26a0\ufe0f Joomla CVE-2026-48907 CVSS 10.0 \u2014 CISA just added it to the Known Exploited Vulnerabilities list. Unauthenticated PHP code execution. If you run Joomla, patch it now. Today. Not this week. TODAY.", "creation_timestamp": "2026-06-18T14:28:47.172205Z"}, {"uuid": "ea2b1c3d-40c0-4632-9eb3-fed45d1c05ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mokzz3gqr52b", "content": "5/ \u26a0\ufe0f Joomla CVE-2026-48907 CVSS 10.0 \u2014 CISA just added it to the Known Exploited Vulnerabilities list. Unauthenticated PHP code execution. If you run Joomla, patch it now. Today. Not this week. TODAY.", "creation_timestamp": "2026-06-18T14:28:48.237933Z"}, {"uuid": "7f3c6c20-4879-4dff-af8d-5a6f67d6a1d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mokzz3gqr62b", "content": "5/ \u26a0\ufe0f Joomla CVE-2026-48907 CVSS 10.0 \u2014 CISA just added it to the Known Exploited Vulnerabilities list. Unauthenticated PHP code execution. If you run Joomla, patch it now. Today. Not this week. TODAY.", "creation_timestamp": "2026-06-18T14:28:49.403795Z"}, {"uuid": "77f44c1c-cce5-4019-b7d8-ba29a5be04bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mokzz3gspo2b", "content": "5/ \u26a0\ufe0f Joomla CVE-2026-48907 CVSS 10.0 \u2014 CISA just added it to the Known Exploited Vulnerabilities list. Unauthenticated PHP code execution. If you run Joomla, patch it now. Today. Not this week. TODAY.", "creation_timestamp": "2026-06-18T14:28:50.484915Z"}, {"uuid": "22ba0403-e53a-42df-a1ba-97c7d5ddecd7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mokzz3gtow2b", "content": "5/ \u26a0\ufe0f Joomla CVE-2026-48907 CVSS 10.0 \u2014 CISA just added it to the Known Exploited Vulnerabilities list. Unauthenticated PHP code execution. If you run Joomla, patch it now. Today. Not this week. TODAY.", "creation_timestamp": "2026-06-18T14:28:51.492949Z"}, {"uuid": "f96ec00e-7860-40df-96a3-20995ed8c555", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/alphahunt.io/post/3molb7tr7k22e", "content": "KEV pressure sharpened too: Joomla/JCE CVE-2026-48907 remains patch-and-hunt now, with EPSS up to 93rd percentile. Check Point CVE-2026-50751 is worse: CISA lists known ransomware use and EPSS is ~98th percentile.", "creation_timestamp": "2026-06-18T16:37:46.708222Z"}, {"uuid": "9d79b05c-8279-42ef-8341-248bc685b1e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/alphahunt.io/post/3molb7tqxq22e", "content": "KEV pressure sharpened too: Joomla/JCE CVE-2026-48907 remains patch-and-hunt now, with EPSS up to 93rd percentile. Check Point CVE-2026-50751 is worse: CISA lists known ransomware use and EPSS is ~98th percentile.", "creation_timestamp": "2026-06-18T16:37:45.254937Z"}, {"uuid": "b8c3e5f1-4c48-4426-9179-29c1499c621e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/alphahunt.io/post/3molb7tr6ks2e", "content": "KEV pressure sharpened too: Joomla/JCE CVE-2026-48907 remains patch-and-hunt now, with EPSS up to 93rd percentile. Check Point CVE-2026-50751 is worse: CISA lists known ransomware use and EPSS is ~98th percentile.", "creation_timestamp": "2026-06-18T16:37:46.032053Z"}, {"uuid": "f1a6c097-2754-45fa-9ebc-e84e782dbb49", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/alphahunt.io/post/3molb7trbil2e", "content": "KEV pressure sharpened too: Joomla/JCE CVE-2026-48907 remains patch-and-hunt now, with EPSS up to 93rd percentile. Check Point CVE-2026-50751 is worse: CISA lists known ransomware use and EPSS is ~98th percentile.", "creation_timestamp": "2026-06-18T16:37:48.703466Z"}, {"uuid": "1da7445f-5308-4a63-a423-f680e87c7ed7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/alphahunt.io/post/3molb7trajc2e", "content": "KEV pressure sharpened too: Joomla/JCE CVE-2026-48907 remains patch-and-hunt now, with EPSS up to 93rd percentile. Check Point CVE-2026-50751 is worse: CISA lists known ransomware use and EPSS is ~98th percentile.", "creation_timestamp": "2026-06-18T16:37:47.411164Z"}, {"uuid": "fc67b73f-f91f-4a0c-be6b-489e81f0085b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/alphahunt.io/post/3molb7trajd2e", "content": "KEV pressure sharpened too: Joomla/JCE CVE-2026-48907 remains patch-and-hunt now, with EPSS up to 93rd percentile. Check Point CVE-2026-50751 is worse: CISA lists known ransomware use and EPSS is ~98th percentile.", "creation_timestamp": "2026-06-18T16:37:48.074860Z"}, {"uuid": "75902e0e-de22-4cca-83c4-9797e4d11e9a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/alphahunt.io/post/3molb7trbim2e", "content": "KEV pressure sharpened too: Joomla/JCE CVE-2026-48907 remains patch-and-hunt now, with EPSS up to 93rd percentile. Check Point CVE-2026-50751 is worse: CISA lists known ransomware use and EPSS is ~98th percentile.", "creation_timestamp": "2026-06-18T16:37:49.492840Z"}, {"uuid": "ac763424-1a5a-4ef6-87ee-7de539f441f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "Telegram/WWWHczf5cNnqk0Vv0lWj7tyigbd43npSKH3-Z1auyWOYzQ", "content": "", "creation_timestamp": "2026-06-17T07:07:14.000000Z"}, {"uuid": "d6ccdbc4-5fa9-43a3-8648-94439dc78833", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "published-proof-of-concept", "source": "Telegram/Twzxtbvyqic9grgE7JaZrbs3i9BOrZG8PBBvMyWgrTB7Ya8", "content": "", "creation_timestamp": "2026-06-09T19:00:13.000000Z"}, {"uuid": "15d7ad7f-d022-4b09-a704-9a283c601423", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "published-proof-of-concept", "source": "Telegram/avQcqITCN0CdPqbu_zPd1c2U29MoQRx_NSjCudrYTZic4II", "content": "", "creation_timestamp": "2026-06-09T23:00:05.000000Z"}, {"uuid": "32ef3d2a-c5e1-4364-bfa1-9714b397e3bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "published-proof-of-concept", "source": "Telegram/fCG7WKzSZ3J5MxWk4q33cwgoeWrsZeYEI50sN5k5RlUMOc4", "content": "", "creation_timestamp": "2026-06-11T23:00:06.000000Z"}, {"uuid": "753f7a0e-9a11-4704-894f-748a4ae5d695", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "published-proof-of-concept", "source": "Telegram/YXCyRYfB5puG4zVuSsqFt0CqpucG34vnwOdsG1DKfw8sOUE", "content": "", "creation_timestamp": "2026-06-12T11:00:12.000000Z"}, {"uuid": "3e7ca6fb-f623-4e30-9f5a-abe3bdb2204e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "published-proof-of-concept", "source": "Telegram/dt0AF8_y_UrMLbm3nbIzl56WQ7K0nt860xLQHDp_bOOwKbw", "content": "", "creation_timestamp": "2026-06-13T15:00:16.000000Z"}, {"uuid": "15130c9e-0108-46d4-8a10-7d12bfb2c4ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "published-proof-of-concept", "source": "Telegram/ycLXaxSGB-_ldONYQWC7S6J3lanIcH0nsjxJAaBzeM5ug0Y", "content": "", "creation_timestamp": "2026-06-12T15:00:07.000000Z"}, {"uuid": "d2529373-f022-451c-aab8-d0416873f3fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "published-proof-of-concept", "source": "Telegram/qE6f29_aVOJA4ORgQTQStDqLz7TqoxzfPbinGVmKV8o4EU8", "content": "", "creation_timestamp": "2026-06-11T15:00:13.000000Z"}, {"uuid": "89fd45b6-5d55-400c-b984-fc063be6e674", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/54492054-44e9-4990-9354-de0b7df1fce0", "content": "", "creation_timestamp": "2026-06-19T12:45:05.539982Z"}, {"uuid": "be2119a7-8a9f-469d-9801-bb5f7451eb53", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3monw2r2oet2r", "content": "CVE-2026-48907 and LiteSpeed cPanel Plugin Flaws Come Under Active Attack", "creation_timestamp": "2026-06-19T17:56:01.597794Z"}, {"uuid": "b5a2bdbe-1901-407f-860d-62855ee27588", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/shortinfo.bsky.social/post/3mooobp7it32m", "content": "Any website running the Joomla Content Editor extension can be taken over right now. CISA added CVE-2026-48907, a maximum-severity flaw scoring 10.0, to its known-exploited list. Unauthenticated attackers create editor profiles, then upload and run PHP code. Public exploit. Fix: JCE 2.9.99.5.", "creation_timestamp": "2026-06-20T01:09:24.591270Z"}, {"uuid": "193561c6-7769-4222-8d0c-77be56086404", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-48908", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mopxorztly2f", "content": "SP Page Builder for Joomla hit by CRITICAL vuln (CVE-2026-48908, CVSS 10) \u2014 unauthenticated PHP uploads possible. Restrict/disable extension &amp; monitor your site. No patch yet. https://radar.offseq.com/threat/cve-2026-48908-cwe-284-improper-access-control-in--a8937f9d4a0573e0 #OffSeq #Joomla #Vuln...", "creation_timestamp": "2026-06-20T13:30:28.248311Z"}, {"uuid": "7ee39bd0-2235-4d22-9d2b-074fe981fcbf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-48908", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116782676365105563", "content": "CRITICAL vuln (CVSS 10) in Joomla SP Page Builder (1.0.0 \u2013 6.6.1): CVE-2026-48908 enables unauthenticated PHP uploads, risking full compromise. No patch yet \u2014 restrict/disable extension, monitor activity. Details: https://radar.offseq.com/threat/cve-2026-48908-cwe-284-improper-access-control-in--a8937f9d4a0573e0 #OffSeq #Joomla #CVE #AppSec", "creation_timestamp": "2026-06-20T13:30:35.322922Z"}, {"uuid": "d7da2b2f-8e7b-461b-b038-bde411e4bd3b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48908", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mopy7rua3k2d", "content": "CVE-2026-48908 - Joomla Extension - joomshaper.com - Remote Code Execution in SP Pagebuilder extension for Joomla\nCVE ID : CVE-2026-48908\n \n Published : June 20, 2026, 11:57 a.m. | 1\u00a0hour, 12\u00a0minutes ago\n \n Description : A vulnerability in the SP Page Builder for Joomla allows...", "creation_timestamp": "2026-06-20T13:39:57.293723Z"}, {"uuid": "661b8d17-cdc3-46c3-a12c-d35f47af3463", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48909", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mopyrpawac2a", "content": "CVE-2026-48909 - Joomla Extension - joomshaper.com - PHP Object injection in SP LMS extension for Joomla\nCVE ID : CVE-2026-48909\n \n Published : June 20, 2026, 11:56 a.m. | 1\u00a0hour, 13\u00a0minutes ago\n \n Description : SP LMS (com_splms) &lt; 4.1.4 by JoomShaper deserializes user-con...", "creation_timestamp": "2026-06-20T13:49:58.589839Z"}, {"uuid": "8b3d1c5d-ab83-45ab-9594-ab6b6f23c11c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-48909", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3morex5l44o2t", "content": "Critical deserialization issue in JoomShaper SP LMS (Joomla, v1.0.0 \u2013 4.1.3): Unauthenticated RCE possible. No patch confirmed \u2014 restrict access &amp; monitor for abuse. Details: https://radar.offseq.com/threat/cve-2026-48909-cwe-502-deserialization-of-untruste-b0460f6997894c12 #OffSeq #Vulnerability...", "creation_timestamp": "2026-06-21T03:00:27.502416Z"}, {"uuid": "703c1647-25f0-4ec2-8c96-0a0822a5fc63", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-48909", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116785861349829350", "content": "JoomShaper SP LMS for Joomla (v1.0.0 \u2013 4.1.3) hit by CRITICAL vuln (CVE-2026-48909): unsafe cookie deserialization enables unauth RCE. No patch yet \u2014 restrict access &amp; monitor traffic. Details: https://radar.offseq.com/threat/cve-2026-48909-cwe-502-deserialization-of-untruste-b0460f6997894c12 #OffSeq #Joomla #CVE #infosec", "creation_timestamp": "2026-06-21T03:00:34.705588Z"}, {"uuid": "d4107507-b848-4ea1-a995-6ea58b5b189e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48909", "type": "seen", "source": "https://bsky.app/profile/hermes71.bsky.social/post/3morluejtd22v", "content": "Daily IT Security Digest \u2014 2026-06-21\nDeserialization**\nCRITICAL vulnerability (CVE-2026-48909) in JoomShaper SP LMS for Joomla (v1.0.0\u20134.1.3) allows unauthenticated remote code execution via unsafe cookie deserialization. No patch exists yet; administrators should restrict access and monitor", "creation_timestamp": "2026-06-21T05:04:10.165057Z"}, {"uuid": "6a6b5cb0-a04a-4efc-8834-701ac70a85d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-48909", "type": "seen", "source": "https://bsky.app/profile/hermes71.bsky.social/post/3morlues37w2j", "content": "Daily IT Security Digest \u2014 2026-06-21\nclosely.\nSources: [OffSeq Radar](https://radar.offseq.com/threat/cve-2026-48909) \u00b7 [infosec.exchange @offseq](https://infosec.exchange/@offseq/116785861349829350)\n\n**8. Rockstar Games Data Breach \u2014 ~80 Million Records Exposed**\nHackers claim to have stolen", "creation_timestamp": "2026-06-21T05:04:10.707998Z"}, {"uuid": "a148f6ba-74cc-488c-a994-be3ffdfbd83d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48908", "type": "seen", "source": "https://bsky.app/profile/cybersecinsight.bsky.social/post/3mosbytrxib2v", "content": "\ud83d\udd0d Vulnerability Spotlight | Part 2/3\n\n\u26a0\ufe0f CVE-2026-48908\n\nA vulnerability in the SP Page Builder for Joomla allows the upload of arbitrary files for unauthenticated users, ultimately resulting in PHP code ...", "creation_timestamp": "2026-06-21T11:40:21.437007Z"}, {"uuid": "32ba867c-00fb-4820-b26e-41d72ab63351", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48908", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/116788487271185894", "content": "It is possible to see elevated activities targeting joomshaper SP Page Builder extension for Joomla (CVE-2026-48908) https://vuldb.com/vuln/372537/cti", "creation_timestamp": "2026-06-21T14:10:21.913422Z"}, {"uuid": "c402fe20-33f0-45a8-8307-aa900b94cb7e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/trinacriatech.bsky.social/post/3mota7ywdm226", "content": "CVE-2026-48907 (CVSS 10.0) \u2014 Joomla JCE plugin: upload rogue editor profile \u2192 PHP web shell. Exploitation automatizzata ITW. CISA KEV, deadline FCEB: oggi. Patch: JCE 2.9.99.5. #Joomla #CISAKEV", "creation_timestamp": "2026-06-21T20:41:14.299105Z"}, {"uuid": "64ccb30b-d677-4aa0-9059-54e8ca18114b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48904", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3mou5vcertt2b", "content": "\ud83d\udea8  ALERT: CVE-2026-48904\n\nCVSS 9.8/10\n\n\ud83d\udccb WHAT IT IS:\nAn improper access check allows privelege escalation through the com_users group editing webservice endpoint.\n\n\ud83c\udfaf WHO'S AFFECTED:\n  \u2022 Joomla\\!\n\n\u2694\ufe0f HOW IT'S EXPLOITED:\nAttack vector: unknown\nImpact: high impact on confidentiality, integrity, availab", "creation_timestamp": "2026-06-22T05:32:06.620895Z"}, {"uuid": "98b89684-f7f7-4e4f-954f-5305c5d7d716", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3mou7kezi552n", "content": "\ud83d\udea8  ALERT: CVE-2026-48907\n\nCVSS 9.8/10\n\n\ud83d\udccb WHAT IT IS:\nA vulnerability in the JCE editor extension for Joomla allows the creation of new editor profiles for unauthenticated users, ultimately resulting in PHP code upload and execution.\n\n\ud83c\udfaf WHO'S AFFECTED:\n  \u2022 Jce\n\n\u2694\ufe0f HOW IT'S EXPLOITED:\nAttack vector: N", "creation_timestamp": "2026-06-22T06:01:49.001066Z"}, {"uuid": "9674ba59-37d6-4486-96f5-bf5185975b68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/yazoul-alerts.bsky.social/post/3mouwfnax522r", "content": "\ud83d\udea8 CISA just added another Joomla bug to its active exploits list. That's three this year.\n\nCVE-2026-48907.\n\nhttps://www.yazoul.net/malware/mirai-2026-06/reports/2026-06-21/\n\n#InfoSec #DataBreach", "creation_timestamp": "2026-06-22T12:50:45.103170Z"}, {"uuid": "8c0368a3-e38e-45b5-a2eb-d1773ad895aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/yazoul-alerts.bsky.social/post/3mox7eshbps2k", "content": "\u26a0\ufe0f CISA just added another Joomla bug to its exploited list. How many are still unpatched in your environment?\n\nCVE-2026-48907.\n\nhttps://www.yazoul.net/malware/mirai-2026-06/reports/2026-06-21/\n\n#CyberSecurity #Security", "creation_timestamp": "2026-06-23T10:36:39.988959Z"}, {"uuid": "604041ed-cc6a-4bca-8035-af1ca5dd5660", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-48907", "type": "seen", "source": "https://infosec.exchange/users/shadowserver/statuses/116799252848428119", "content": "Last week we added scanning for Joomla JCE editor extension CVE-2026-48907 vulnerable instances. This RCE vulnerability is exploited in the wild &amp; on US CISA KEV.  4840 vulnerable instances seen 2026-06-22 down from 5146 on 2026-06-19. Top affected: US\nhttps://dashboard.shadowserver.org/statistics/combined/map/?date_range=1&amp;map_type=std&amp;source=http_vulnerable&amp;source=http_vulnerable6&amp;tag=cve-2026-48907%2B&amp;data_set=count&amp;scale=log&amp;auto_update=on\nRaw IP data shared in our Vulnerable HTTP reporting https://www.shadowserver.org/what-we-do/network-reporting/vulnerable-http-report/ tagged 'cve-2026-48907' filtered by network/constituency\nDashboard Tree Map view: https://dashboard.shadowserver.org/statistics/combined/tree/?date_range=1&amp;source=http_vulnerable&amp;source=http_vulnerable6&amp;tag=cve-2026-48907%2B&amp;data_set=count&amp;scale=log&amp;auto_update=on\nPatch info: https://www.joomlacontenteditor.net/news/jce-security-update-and-a-free-patch-for-older-sites", "creation_timestamp": "2026-06-23T11:46:03.212247Z"}, {"uuid": "ae2f2312-8604-4f6b-b2e9-264b4cccc5d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-48909", "type": "seen", "source": "https://bsky.app/profile/toxy4ny.bsky.social/post/3moyeu62nn22k", "content": "Tuesday\u2019s fuck up - this time Joomla &amp; PHP - In SP LMS PHP Object Injection - RCE\nPOC  \u2264 4.1.3 for Joomla CMS github.com/Is4yev/CVE-2... #cve #poc #exploit #cve-2026-48909 #joomla #php", "creation_timestamp": "2026-06-23T11:47:38.442781Z"}, {"uuid": "695f232c-6924-48f9-818b-3b5254e44962", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/shadowserver.bsky.social/post/3moxddmglwk2b", "content": "Last week we added scanning for Joomla JCE editor extension CVE-2026-48907 vulnerable instances. This RCE vulnerability is exploited in the wild &amp; on US CISA KEV.  4840 vulnerable instances seen 2026-06-22 down from 5146 on 2026-06-19. Top affected: US\n\ndashboard.shadowserver.org/statistics/c...", "creation_timestamp": "2026-06-23T11:47:42.936658Z"}, {"uuid": "c30790da-9169-4eab-80c7-72e3bfe156e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/shadowserver.bsky.social/post/3moxddqwy2c2b", "content": "Last week we added scanning for Joomla JCE editor extension CVE-2026-48907 vulnerable instances. This RCE vulnerability is exploited in the wild &amp; on US CISA KEV.  4840 vulnerable instances seen 2026-06-22 down from 5146 on 2026-06-19. Top affected: US\n\ndashboard.shadowserver.org/statistics/c...", "creation_timestamp": "2026-06-23T11:47:43.750103Z"}, {"uuid": "fd24c918-a3bf-4508-85fd-23fed150c9a9", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/0f2302f3-00e7-4d90-86fc-886701fba25b", "content": "", "creation_timestamp": "2026-06-23T14:02:57.116293Z"}, {"uuid": "708f5606-d759-4e23-bc63-1735743d3003", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/yazoul-alerts.bsky.social/post/3moxxxkctdg2v", "content": "Third critical CVE added to CISA's KEV list this month. Same pattern every time.\n\nCVE-2026-48907.\n\nhttps://www.yazoul.net/news/article/cisa-warns-of-actively-exploited-joomla-jce-flaw-allowing-php-code-execution/\n\n#CVE #CyberSecurity", "creation_timestamp": "2026-06-23T17:56:38.852227Z"}, {"uuid": "1da2d5f9-c5b2-4bcc-9453-3a777ef61216", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/yazoul-alerts.bsky.social/post/3mozp5jynyo2p", "content": "\u26a0\ufe0f CISA just added another Joomla bug to its exploited list. This one is already in the wild.\n\nCVE-2026-48907.\n\nhttps://www.yazoul.net/news/article/cisa-warns-of-actively-exploited-joomla-jce-flaw-allowing-php-code-execution/\n\n#CVE #CyberSecurity", "creation_timestamp": "2026-06-24T10:24:15.739524Z"}, {"uuid": "5ad14ce6-fdb3-4c0f-91b5-4edbe96f3f5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48908", "type": "seen", "source": "https://bsky.app/profile/censys.bsky.social/post/3mp2bbz5mii2b", "content": "\ud83d\udea8 CVE-2026-48908 (CVSS 10.0) A critical flaw in Joomla's SP Page Builder can enable unauthenticated file upload &amp; potential RCE:\n\u25aa\ufe0fVersions 1.0.0\u20136.6.1 affected\n\u25aa\ufe0fActive exploitation reported\n\u25aa\ufe0fPatched in 6.6.2\n\nCensys observed 194,793 web properties loading the component. https://bit.ly/43Y8ONk ", "creation_timestamp": "2026-06-24T15:48:54.608990Z"}, {"uuid": "1e3c94c5-c6c8-41ea-be50-715c31a3ce9d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://ccb.belgium.be/advisories/warning-critical-vulnerability-joomla-content-editor-extension-jce-patch-immediately", "content": "", "creation_timestamp": "2026-06-25T13:45:05.932377Z"}, {"uuid": "3ffc66d9-5865-4a14-96a0-f9508371bc0f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/hookprobe.com/post/3mp545ijkce2p", "content": "\ud83c\udfac How HookProbe Detects CVE-2026-48907: Securing Widget Factory Joomla Content Editor \u2014 AI-native edge security on a $50 Raspberry Pi. #infosec #EdgeSecurity #RaspberryPi", "creation_timestamp": "2026-06-25T18:54:51.892390Z"}, {"uuid": "e355404a-2b62-4c89-9465-0d6c1e4b224e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-48908", "type": "seen", "source": "https://www.acn.gov.it/portale/w/joomla-sp-page-builder-sfruttamento-attivo-in-rete-della-cve-2026-48908", "content": "", "creation_timestamp": "2026-06-26T09:15:02.491617Z"}, {"uuid": "a0b073c5-97d1-43f5-adef-822c72e76c4a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48908", "type": "seen", "source": "https://www.acn.gov.it/portale/w/joomla-sp-page-builder-sfruttamento-attivo-in-rete-della-cve-2026-48908", "content": "Rilevato sfruttamento attivo in rete della CVE-2026-48908 \u2013 gi\u00e0 sanata dal vendor \u2013 presente nel plugin SP Page Builder per il noto CMS Joomla! Tale vulnerabilit\u00e0, qualora sfruttata, potrebbe consentire a un utente malintenzionato remoto di eseguire codice arbitrario sui sistemi interessati.", "creation_timestamp": "2026-06-27T01:00:38.965024Z"}, {"uuid": "bb49f64f-31f5-4794-8eb7-4ca93159d43a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/undercode.bsky.social/post/3mpmsrm35me2n", "content": "ChocoPoC Crisis: How a Tasty-Looking Joomla PoC Became a Full-Blown Supply Chain Attack +\u00a0Video\n\nIntroduction: In late June 2026, YesWeHack\u2019s vulnerability intelligence team published an analysis of a critical unauthenticated RCE flaw in the Joomla JCE extension (CVE-2026-48907), including a\u2026", "creation_timestamp": "2026-07-02T00:49:45.480063Z"}, {"uuid": "d58cccaa-8167-42a4-813d-abddf87f62d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/termsofsurrender.bsky.social/post/3mpvvxje66i25", "content": "Another Joomla exploit lands; defenders still pretending patching is a strategy\nPANIC 68% | Lag 0.0h | CISA has added CVE-2026-48907, a Joomla vulnerability, to its active exploitation list, which means \n#AfterShockIndex\nREAD MORE", "creation_timestamp": "2026-07-05T15:40:42.419448Z"}, {"uuid": "25e1756d-79df-4651-827e-7f6d675ea504", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48908", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mpwegcmhq72j", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-48908 \u0432 SP Page Builder \u0434\u043b\u044f Joomla: \u0443\u0433\u0440\u043e\u0437\u0430 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0444\u0430\u0439\u043b\u043e\u0432 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438\n\n\n\nhttps://kripta.biz/posts/9A0A0517-E3D2-41CB-B1B7-37C81929D156", "creation_timestamp": "2026-07-05T19:59:31.298195Z"}, {"uuid": "0bbf7e9c-7e32-4192-be39-3a393bfd2879", "vulnerability_lookup_origin": "cce329bf-df49-4c6e-a027-80be2e6483bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/b3395aed-c1a6-41e0-afc5-698af243eb5b", "content": "", "creation_timestamp": "2026-07-06T12:00:01.834759Z"}, {"uuid": "685d9958-5ef8-400e-9208-957c008b1b26", "vulnerability_lookup_origin": "cce329bf-df49-4c6e-a027-80be2e6483bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48908", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/93758b51-8ab7-42f8-9828-660f99fe11eb", "content": "", "creation_timestamp": "2026-07-06T12:00:01.918728Z"}, {"uuid": "833cf071-e8a0-4b16-ad17-c4fa533e2aa6", "vulnerability_lookup_origin": "405284c2-e461-4670-8979-7fd2c9755a60", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48908", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/5e41f257-a499-474a-a14c-e31886ad7930", "content": "", "creation_timestamp": "2026-07-07T18:00:02.317978Z"}, {"uuid": "40f4d471-5037-47eb-9bfc-f4d6e0bf4d27", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48908", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/e1a4b5b4-3b51-406d-9540-2240437e87d1", "content": "", "creation_timestamp": "2026-07-07T18:00:24.575983Z"}, {"uuid": "7f5ac3f1-341e-4406-8d3a-08c1f15216d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48908", "type": "seen", "source": "https://bsky.app/profile/csirts.bsky.social/post/3mq34zpjdrg2d", "content": "\ud83d\udea8 Added to CISA KEV \u2014 actively exploited:\nCVE-2026-48908: JoomShaper SP Page Builder Unrestricted Upload of File with Dangerous Type Vulnerability\n\nhttps://www.csirts.com/cve/CVE-2026-48908", "creation_timestamp": "2026-07-07T17:30:30.935459Z"}, {"uuid": "f040accd-b5ae-4ed3-8686-b23f65fc3cc4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48908", "type": "seen", "source": "https://infosec.exchange/users/AAKL/statuses/116879890133195498", "content": "CISA has updated the KEV catalogue.\n-  CVE-2026-56290: Joomlack Page Builder Improper Access Control Vulnerability https://www.cve.org/CVERecord?id=CVE-2026-56290\n-  CVE-2026-55255: Langflow Authorization Bypass Through User-Controlled Key Vulnerability https://www.cve.org/CVERecord?id=CVE-2026-55255\n-  CVE-2026-48908: JoomShaper SP Page Builder Unrestricted Upload of File with Dangerous Type Vulnerability https://www.cve.org/CVERecord?id=CVE-2026-48908\nSeveral industrial vulnerabilities: https://www.cisa.gov/ #infosec #vulnerability #CISA", "creation_timestamp": "2026-07-07T17:33:09.923394Z"}, {"uuid": "f7aea7de-0bc3-48d6-bf73-43718e71ab80", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48908", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mq35a3eonf2i", "content": "CVE-2026-48908 - sp page builder [known exploited]\nThe SP Page Builder for Joomla allows attackers to upload any type of file, including malicious PHP code, without needing a login. This could allow hackers to\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#joomshaper #CVE #infosec", "creation_timestamp": "2026-07-07T17:34:05.007598Z"}, {"uuid": "8f94f8f5-af4f-400a-8bc8-d9a7fe17472c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48908", "type": "seen", "source": "https://bsky.app/profile/cvesentinel.bsky.social/post/3mq36dfyafx2u", "content": "\ud83d\uded1 CVE-2026-48908\nJoomShaper SP Page Builder\nCVSS 10.0 / EPSS 1% / KEV: No\nTL;DR: A vulnerability in SP Page Builder for Joomla allows unauthenticated users to u\u2026\nhttps://cvesentinel.com/report/CVE-2026-48908?utm_source=bluesky&amp;utm_medium=social&amp;utm_campaign=cvesentinel\n#infosec #CVE #vulnerability", "creation_timestamp": "2026-07-07T17:53:59.724905Z"}, {"uuid": "0588473b-0e3b-48c1-afdb-8bbcc512a006", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48908", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/6935164", "content": "2026-07-07: [CVE-2026-48908] JoomShaper SP Page Builder Unrestricted Upload of File with Dangerous Type VulnerabilityJoomShaper SP Page Builder contains an unrestricted upload of file with dangerous type vulnerability that allows unauthenticated users to upload arbitrary files, ultimately resulting in the upload and execution of PHP code.\ncisakev", "creation_timestamp": "2026-07-07T18:27:13.728075Z"}, {"uuid": "6ac735ae-080a-454b-8362-76a271c05c73", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48908", "type": "seen", "source": "https://bsky.app/profile/cvesentinel.bsky.social/post/3mq3cvgg2cf2w", "content": "\ud83d\uded1 CVE-2026-48908\nJoomShaper SP Page Builder\nCVSS 10.0 / EPSS 1% / KEV \u2705\nTL;DR: A vulnerability in SP Page Builder for Joomla allows unauthenticated users to upl\u2026\nhttps://cvesentinel.com/report/CVE-2026-48908?utm_source=bluesky&amp;utm_medium=social&amp;utm_campaign=cvesentinel\n#infosec #CVE #vulnerability", "creation_timestamp": "2026-07-07T19:15:29.699310Z"}, {"uuid": "2d79f86e-99ce-4a1e-bb40-aa00dfe67e58", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48908", "type": "seen", "source": "https://bsky.app/profile/happeningnow.news/post/3mq3h4lljal2v", "content": "CISA Adds Three Known Exploited Vulnerabilities to Catalog\nCISA has added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog , based on evidence of active exploitation. CVE-2026-48908 JoomShaper SP Page Builder\u2026\n\n\ud83d\udd17 https://hnow.live/a/8f7a6e0c", "creation_timestamp": "2026-07-07T20:31:04.867326Z"}, {"uuid": "031c9834-0315-4334-a547-b943082b7869", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48908", "type": "seen", "source": "https://bsky.app/profile/shiojiri.com/post/3mq4cpumcxcfn", "content": "CVE-2026-48908 JoomShaper SP Page Builder Unrestricted Upload of File with Dangerous Type Vulnerability\nCVE-2026-55255 Langflow Authorization Bypass Through User-Controlled Key Vulnerability  \nCVE-2026-56290 Joomlack Page Builder Improper Access Control Vulnerability", "creation_timestamp": "2026-07-08T04:45:04.140532Z"}, {"uuid": "5b541de7-6bc0-419a-836a-fb03edcc0e7d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48908", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116884244173717703", "content": "CRITICAL vulnerabilities in Adobe ColdFusion (CVE-2026-48282), Langflow (CVE-2026-55255), Joomla SP Page Builder (CVE-2026-48908), &amp; Page Builder CK (CVE-2026-56290) are being actively exploited for remote code execution &amp; backdoors. Patch ASAP! https://radar.offseq.com/threat/cisa-urges-immediate-patching-of-exploited-coldfus-c7b23bd787139571 #OffSeq #CyberSec #CVE", "creation_timestamp": "2026-07-08T12:00:27.498331Z"}, {"uuid": "b23d336c-e6fc-4709-8661-7a363032c9f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48908", "type": "seen", "source": "https://bsky.app/profile/kotosecurity.bsky.social/post/3mq7sjkxaxo2o", "content": "\ud83d\udd34 Joomla hit by two KEV flaws: CVE-2026-48908 (zero-day PHP upload + rogue Super User via com_sppagebuilder) &amp; CVE-2026-56290 / Page Builder CK (CVSS 10.0, unauth upload \u2192 RCE). Source: The Hacker News", "creation_timestamp": "2026-07-09T14:05:50.687122Z"}, {"uuid": "8fb33123-eeb4-4bfa-8d0a-df7a686c79a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2026-48908", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/ced56c0c-e06c-4fb9-8643-6152b5a79a82", "content": "", "creation_timestamp": "2026-07-09T14:58:44.017257Z"}, {"uuid": "c2f93e5a-36af-4ae3-93de-e9ad920e7c6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/88354", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #POC #RCE\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-48907\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a ywh-jfellus\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Shell\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-06-11 13:44:25\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nPoC for CVE-2026-48907 - Joomla! JCE extension &lt; 2.9.99.5 unauthenticated RCE\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-12T07:00:04.695323Z"}, {"uuid": "f4030464-e011-4294-b994-627ea60d9c33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/88065", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #RCE\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-48907-Unauthenticated-RCE-in-JCE\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a webshellseo8\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Unknown\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-06-09 16:39:44\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nCVE-2026-48907: Unauthenticated RCE in JCE (Proof Of Concept)\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-12T11:00:03.893960Z"}]}