{"vulnerability": "CVE-2026-48907", "sightings": [{"uuid": "4ffc6e37-b1ef-4097-95f9-254c07c47c10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-48907", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116696680833602850", "content": "\ud83d\udea8 CRITICAL: Joomla Content Editor (JCE) vuln (CVE-2026-48907) allows unauthenticated PHP upload & exec (v1.0.0 \u2013 2.9.99.4). No patch yet \u2014 restrict or disable JCE & monitor systems. Details: https://radar.offseq.com/threat/cve-2026-48907-cwe-284-improper-access-control-in--ff15bdc3 #OffSeq #Joomla #Vuln #InfoSec", "creation_timestamp": "2026-06-05T09:00:38.352983Z"}, {"uuid": "7c774fdc-95db-4f83-be5e-6402029a2adb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mnjqzbo4aw2q", "content": "CVE-2026-48907 - Joomla Extension - joomlacontenteditor.net - Remote Code Execution in JCE extension for Joomla\nCVE ID : CVE-2026-48907\n \n Published : June 5, 2026, 8:16 a.m. | 16\u00a0minutes ago\n \n Description : A vulnerability in the JCE editor extension for Joomla allows the cr...", "creation_timestamp": "2026-06-05T08:49:52.768446Z"}, {"uuid": "2c752e5e-0b1c-4309-9f6a-27402122a5cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mnjqzbo4aw2q", "content": "CVE-2026-48907 - Joomla Extension - joomlacontenteditor.net - Remote Code Execution in JCE extension for Joomla\nCVE ID : CVE-2026-48907\n \n Published : June 5, 2026, 8:16 a.m. | 16\u00a0minutes ago\n \n Description : A vulnerability in the JCE editor extension for Joomla allows the cr...", "creation_timestamp": "2026-06-05T08:49:52.767565Z"}, {"uuid": "d9f7b01a-0eb7-43c8-8ec7-9174455b385e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-48907", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mnjrmkgh2423", "content": "Joomla Content Editor (JCE) CRITICAL vuln lets unauth users upload & run PHP (v1.0.0 \u2013 2.9.99.4). No patch yet \u2014 restrict or disable JCE + monitor activity. Stay updated: https://radar.offseq.com/threat/cve-2026-48907-cwe-284-improper-access-control-in--ff15bdc3 #OffSeq #Joomla #SecurityAlert", "creation_timestamp": "2026-06-05T09:00:39.902780Z"}, {"uuid": "75ff94c7-b57c-4db5-a91b-b18ffc562869", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-48907", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mnjrmkgh2423", "content": "Joomla Content Editor (JCE) CRITICAL vuln lets unauth users upload & run PHP (v1.0.0 \u2013 2.9.99.4). No patch yet \u2014 restrict or disable JCE + monitor activity. Stay updated: https://radar.offseq.com/threat/cve-2026-48907-cwe-284-improper-access-control-in--ff15bdc3 #OffSeq #Joomla #SecurityAlert", "creation_timestamp": "2026-06-05T09:00:39.901516Z"}, {"uuid": "77ba11c9-dd08-4b44-881a-d31629e80f87", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2026/CVE-2026-48907.yaml", "content": "", "creation_timestamp": "2026-06-11T15:38:57.000000Z"}, {"uuid": "abe88bc5-c055-4d63-ad53-c7f0a1f6cfac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://www.acn.gov.it/portale/w/joomla-jce-sfruttamento-attivo-in-rete-della-cve-2026-48907", "content": "Rilevato sfruttamento attivo in rete della CVE-2026-48907 \u2013 gi\u00e0 sanata dal vendor \u2013 presente nel plugin Joomla Content Editor (JCE) estensione per il noto CMS Joomla! utilizzata per la gestione avanzata dei contenuti, Tale vulnerabilit\u00e0, qualora sfruttata, potrebbe consentire ad un utente malintenzionato remoto di eseguire codice arbitrario sui sistemi interessati.", "creation_timestamp": "2026-06-15T11:32:15.000000Z"}, {"uuid": "6e7da8eb-ecaa-4cc9-b4bd-6755e44a67b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/undercode.bsky.social/post/3mod2vypzwg22", "content": "CVE-2026-48907 (CVSS 100): The Unauthenticated RCE That Turns Your Joomla Site into a Pwned Statistic +\u00a0Video\n\nIntroduction: A new zero\u2011click Remote Code Execution (RCE) vulnerability has been discovered in the popular Joomla Content Editor (JCE) extension. Tracked as CVE\u20112026\u201148907 and carrying a\u2026", "creation_timestamp": "2026-06-15T10:23:34.069509Z"}, {"uuid": "e1ada4c7-b083-447a-b53c-efd5a5ba9682", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/cvesentinel.bsky.social/post/3mogkt2xx362u", "content": "\ud83d\uded1 CVE-2026-48907\nWidget Factory Joomla Content Editor\nCVSS 10.0 / EPSS 1% / KEV \u2705\nTL;DR: A vulnerability in the JCE editor extension for Joomla allows the creat\u2026\nhttps://cvesentinel.com/report/CVE-2026-48907?utm_source=bluesky&utm_medium=social&utm_campaign=cvesentinel\n#infosec #CVE #vulnerability", "creation_timestamp": "2026-06-16T19:46:14.387856Z"}, {"uuid": "f99098c7-a2d3-4114-be78-1866ace92fb9", "vulnerability_lookup_origin": "405284c2-e461-4670-8979-7fd2c9755a60", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/b71394c1-e100-4ea5-9f11-216c0892d268", "content": "", "creation_timestamp": "2026-06-16T20:00:01.385475Z"}, {"uuid": "7812cb5b-d5bb-41cb-a83c-04fc8f074b9b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://thehackernews.com/2026/06/cisa-warns-of-actively-exploited-joomla.html", "content": "The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a maximum-severity security flaw impacting Widget Factory Joomla Content Editor (JCE) to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.\n\nThe vulnerability, tracked as CVE-2026-48907 (CVSS score: 10.0), is a case of improper access control that could facilitate arbitrary", "creation_timestamp": "2026-06-17T03:50:46.000000Z"}, {"uuid": "29e14271-14a8-4754-9fc4-a196849370e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/secdb.bsky.social/post/3mogoxjqp6j2k", "content": "\ud83d\udea8 CISA Adds One Known Exploited Vulnerability to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0616)\n\n\u26a0\ufe0f CVE-2026-48907 - Widget Factory Joomla Content Editor Improper Access Control Vulnerability\n\n\n#ZEN #SecDB #InfoSec #CISA_KEV", "creation_timestamp": "2026-06-16T21:00:18.882316Z"}, {"uuid": "1921f669-6a0a-4b81-96ff-bc620e134365", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/thedailytechfeed.com/post/3mohosgpgxs24", "content": "CISA warns of active exploitation of Joomla JCE vulnerability CVE-2026-48907; update to version 2.9.99.5 now. #Cybersecurity #Joomla #CISA #Vulnerability #PHP #CMS thedailytechfeed.com/cisa-alerts-...", "creation_timestamp": "2026-06-17T06:30:08.689925Z"}, {"uuid": "fba7ff49-102b-4845-b96c-d0395d9a4b11", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3mohoxuuzhd2v", "content": "CISA\u304c\u65e2\u77e5\u306e\u60aa\u7528\u3055\u308c\u305f\u8106\u5f31\u6027\u30921\u4ef6\u30ab\u30bf\u30ed\u30b0\u306b\u8ffd\u52a0 \n\nCISA Adds One Known Exploited Vulnerability to Catalog  #CISA (Jun 16)\n\nCVE-2026-48907 Widget Factory Joomla\u30b3\u30f3\u30c6\u30f3\u30c4\u30a8\u30c7\u30a3\u30bf\u30fc\u306e\u4e0d\u9069\u5207\u306a\u30a2\u30af\u30bb\u30b9\u5236\u5fa1\u306e\u8106\u5f31\u6027 \n\nwww.cisa.gov/news-events/...", "creation_timestamp": "2026-06-17T06:33:10.225340Z"}, {"uuid": "857e3d31-95f4-4c42-a1bc-a988ec53b93a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mohx74eegi2l", "content": "Joomla JCE CVE-2026-48907 and LiteSpeed cPanel CVE-2026-54420 are being actively exploited, enabling file uploads, PHP execution, and possible root escalation on shared hosting servers. #Joomla #LiteSpeed #CISA", "creation_timestamp": "2026-06-17T09:00:23.896971Z"}, {"uuid": "f04bd0eb-6fd9-4a2a-b9e2-f17b247de07a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/thecybermind.co/post/3moiq64m53y2u", "content": "URGENT: CVE-2026-48907 is seeing active exploitation in Joomla! JCE extensions. This critical RCE flaw allows unauthenticated attackers to take full control. Read our executive remediation brief to harden your environment now.\nhttps://thecybermind.co/ic6z\n#CyberSecurity #Joomla #Infosec #KEV", "creation_timestamp": "2026-06-17T16:27:13.799834Z"}, {"uuid": "8c38ce12-9dc7-414b-a1f5-8531c987f339", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3mohsppl7pam2", "content": "CISA Warns of Actively Exploited Joomla JCE Flaw Allowing PHP Code Execution TheHackerNews CISA added CVE-2026-48907 in Joomla JCE to its KEV catalog after active exploitation; fixes are due by Jun...\n\n#Security #News\n\nOrigin | Interest | Match", "creation_timestamp": "2026-06-17T07:41:20.325740Z"}, {"uuid": "2d7320f2-9f86-4573-8fe0-50a51bbbd253", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/postac001.bsky.social/post/3mohvil276i2h", "content": "Joomla JCE\u306bPHP\u30b3\u30fc\u30c9\u5b9f\u884c\u3092\u8a31\u3059\u8106\u5f31\u6027(CVE-2026-48907)\u304c\u767a\u898b\u3055\u308c\u3001CISA\u304c\u6ce8\u610f\u559a\u8d77\u3002\u60aa\u7528\u304c\u78ba\u8a8d\u3055\u308c\u3066\u3044\u308b\u3002", "creation_timestamp": "2026-06-17T08:29:53.827874Z"}, {"uuid": "68a5ef0e-22cd-469d-ba9f-7e9d975a7c12", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/rxerium.com/post/3moi6zikyzp2k", "content": "\ud83d\udea8 Critical improper access control vulnerability tagged CVE-2026-48907, affecting Joomla Content Editor is seeing active exploitation in the wild (reported by CISA)\n\nVulnerability detection script:\ngithub.com/rxerium/rxer...\n\nPatches and mitigations:\nwww.sentinelone.com/vulnerabilit...", "creation_timestamp": "2026-06-17T11:20:26.070487Z"}, {"uuid": "8f969ee7-97ac-4506-bd0a-165bb98c0ab2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/iberianm.bsky.social/post/3moibayxngn24", "content": "Joomla Widget Factory JCE: CISA lists CVE-2026-48907 (CVSS 10.0) as actively exploited. Patch immediately and review for PHP code execution attempts. #Cybersecurity #Vulnerability #ThreatIntel\n\nSource: https://thehackernews.com/2026/06/cisa-warns-of-actively-exploited-joomla.html", "creation_timestamp": "2026-06-17T12:00:57.090849Z"}, {"uuid": "3ba0b8f9-85a8-4f56-a4b4-975d1f729297", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/alphahunt.io/post/3moidu2x2tc2d", "content": "Forecast: expect more AI package-ecosystem targeting: account takeovers, poisoned postinstall hooks, helper-package compromises. KEV side-note: patch exposed Joomla/JCE CVE-2026-48907 now. Refs: Microsoft X, Mastra incident report, Endor Labs, CISA KEV.", "creation_timestamp": "2026-06-17T12:46:52.010098Z"}, {"uuid": "3613b729-9507-4279-9db8-71565aa35188", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/alphahunt.io/post/3moidu2xbo22d", "content": "Forecast: expect more AI package-ecosystem targeting: account takeovers, poisoned postinstall hooks, helper-package compromises. KEV side-note: patch exposed Joomla/JCE CVE-2026-48907 now. Refs: Microsoft X, Mastra incident report, Endor Labs, CISA KEV.", "creation_timestamp": "2026-06-17T12:46:53.143029Z"}, {"uuid": "5ba52d4b-5e13-4ef9-9e62-7557ec20380b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/alphahunt.io/post/3moidu2xcnc2d", "content": "Forecast: expect more AI package-ecosystem targeting: account takeovers, poisoned postinstall hooks, helper-package compromises. KEV side-note: patch exposed Joomla/JCE CVE-2026-48907 now. Refs: Microsoft X, Mastra incident report, Endor Labs, CISA KEV.", "creation_timestamp": "2026-06-17T12:46:54.235120Z"}, {"uuid": "74bc999d-01fe-436b-8e2a-67f85581ce21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/alphahunt.io/post/3moidu2xcnd2d", "content": "Forecast: expect more AI package-ecosystem targeting: account takeovers, poisoned postinstall hooks, helper-package compromises. KEV side-note: patch exposed Joomla/JCE CVE-2026-48907 now. Refs: Microsoft X, Mastra incident report, Endor Labs, CISA KEV.", "creation_timestamp": "2026-06-17T12:46:55.385274Z"}, {"uuid": "cf1b9f58-32bf-4598-8e50-791b2d56ec47", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/alphahunt.io/post/3moidu2xelt2d", "content": "Forecast: expect more AI package-ecosystem targeting: account takeovers, poisoned postinstall hooks, helper-package compromises. KEV side-note: patch exposed Joomla/JCE CVE-2026-48907 now. Refs: Microsoft X, Mastra incident report, Endor Labs, CISA KEV.", "creation_timestamp": "2026-06-17T12:46:56.483859Z"}, {"uuid": "9ee4d054-3a56-4d23-aa5d-e345acd12d6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/cesnet-certs.mastodonczech.cz.ap.brid.gy/post/3moiyu6gmju42", "content": "[[TLP:CLEAR] JCE opravuje kritickou aktivn\u011b zneu\u017e\u00edvanou zranitelnost]\n\nCISA za\u0159adila kritickou zranitelnost (CVE-2026-48907) v Joomla Content Editor (JCE) do katalogu aktivn\u011b zneu\u017e\u00edvan\u00fdch zranitelnost\u00ed \u2b07\ufe0f. Skript pro PoC naleznete na \u2b07\ufe0f.\n\nOdkaz na webovou verzi cel\u00e9ho reportu [\u2026]", "creation_timestamp": "2026-06-17T19:02:48.253975Z"}, {"uuid": "be64f704-adb9-46ff-9930-ca1f047f036a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3moir6ocvvy2n", "content": "CISA ordered federal agencies to patch CVE-2026-48907 by Friday. The max-severity JCE plugin flaw in Joomla can let attackers upload and run PHP code. Fix: JCE Pro 2.9.99.6. #Joomla #CISA #JCE", "creation_timestamp": "2026-06-17T16:45:26.381952Z"}, {"uuid": "c40c7860-bd69-4560-aa63-2cc7020a13dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mojaburz2e2b", "content": "1/ \u26a0\ufe0f Joomla JCE CVE-2026-48907 just hit CISA's KEV list with a PERFECT 10.0 score. No auth needed. Attackers upload PHP shells and own your server. Botnets already scanning. Update JCE to 2.9.99.5 right now.", "creation_timestamp": "2026-06-17T21:15:40.330176Z"}, {"uuid": "6fbc5272-84ea-436b-a560-df9a70b9ee03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mojabus7v42b", "content": "1/ \u26a0\ufe0f Joomla JCE CVE-2026-48907 just hit CISA's KEV list with a PERFECT 10.0 score. No auth needed. Attackers upload PHP shells and own your server. Botnets already scanning. Update JCE to 2.9.99.5 right now.", "creation_timestamp": "2026-06-17T21:15:40.875813Z"}, {"uuid": "2c1c3b84-5807-403b-993d-c907dac79228", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/thecybermind.co/post/3moj6czenx42m", "content": "Alert: CVE-2026-48907. A severe access control flaw in Widget Factory Joomla Content Editor allows unauthenticated PHP script execution. Lock down your CMS. Read our tactical engineering runbook for full IOCs and endpoint hardening steps. https://thecybermind.co/unjv\n\n\ud83d\udee1\ufe0f #CyberSecurity #CVE\u2026", "creation_timestamp": "2026-06-17T20:40:30.487888Z"}, {"uuid": "4645e685-08f5-476b-a8c6-6ce314574a00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mojabusbtm2b", "content": "1/ \u26a0\ufe0f Joomla JCE CVE-2026-48907 just hit CISA's KEV list with a PERFECT 10.0 score. No auth needed. Attackers upload PHP shells and own your server. Botnets already scanning. Update JCE to 2.9.99.5 right now.", "creation_timestamp": "2026-06-17T21:15:41.409008Z"}, {"uuid": "784192cb-a639-476d-9fff-8c2e7b2a881b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mojabuscsu2b", "content": "1/ \u26a0\ufe0f Joomla JCE CVE-2026-48907 just hit CISA's KEV list with a PERFECT 10.0 score. No auth needed. Attackers upload PHP shells and own your server. Botnets already scanning. Update JCE to 2.9.99.5 right now.", "creation_timestamp": "2026-06-17T21:15:41.930656Z"}, {"uuid": "6d23e02a-e4ea-431e-98cf-6f186bd8d2c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mojabusds42b", "content": "1/ \u26a0\ufe0f Joomla JCE CVE-2026-48907 just hit CISA's KEV list with a PERFECT 10.0 score. No auth needed. Attackers upload PHP shells and own your server. Botnets already scanning. Update JCE to 2.9.99.5 right now.", "creation_timestamp": "2026-06-17T21:15:42.536635Z"}, {"uuid": "89f06e64-d2a7-41bc-8c7b-c10d30832f16", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mojabusere2b", "content": "1/ \u26a0\ufe0f Joomla JCE CVE-2026-48907 just hit CISA's KEV list with a PERFECT 10.0 score. No auth needed. Attackers upload PHP shells and own your server. Botnets already scanning. Update JCE to 2.9.99.5 right now.", "creation_timestamp": "2026-06-17T21:15:43.068487Z"}, {"uuid": "30c26aa0-4255-466d-8351-829433c61aa0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mojabushp42b", "content": "1/ \u26a0\ufe0f Joomla JCE CVE-2026-48907 just hit CISA's KEV list with a PERFECT 10.0 score. No auth needed. Attackers upload PHP shells and own your server. Botnets already scanning. Update JCE to 2.9.99.5 right now.", "creation_timestamp": "2026-06-17T21:15:43.602390Z"}, {"uuid": "e99e17f3-bca3-4fb2-be8f-275d5eb5634b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mojabushp52b", "content": "1/ \u26a0\ufe0f Joomla JCE CVE-2026-48907 just hit CISA's KEV list with a PERFECT 10.0 score. No auth needed. Attackers upload PHP shells and own your server. Botnets already scanning. Update JCE to 2.9.99.5 right now.", "creation_timestamp": "2026-06-17T21:15:44.144872Z"}, {"uuid": "752f28e4-f4fc-4168-9f51-59a09ec51ad6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mojabusiof2b", "content": "1/ \u26a0\ufe0f Joomla JCE CVE-2026-48907 just hit CISA's KEV list with a PERFECT 10.0 score. No auth needed. Attackers upload PHP shells and own your server. Botnets already scanning. Update JCE to 2.9.99.5 right now.", "creation_timestamp": "2026-06-17T21:15:44.770224Z"}]}