{"vulnerability": "cve-2026-4524", "sightings": [{"uuid": "1a52d16a-2222-406f-8399-ba92cedfd107", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-4524", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/gitlab-multiple-vulnerabilities_20260515", "content": "", "creation_timestamp": "2026-05-14T18:00:00.000000Z"}, {"uuid": "7084ab3c-919d-4dfb-b211-a8ceda3543d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45247", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mmreimporp2w", "content": "\ud83d\udd34 CVE-2026-45247 - Critical (9.8)\n\nMirasvit Full Page Cache Warmer for Magento 2 before version 1.11.12 contains a PHP object inject...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-45247/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-26T16:01:56.201001Z"}, {"uuid": "92808a57-fc05-4d05-a9fe-e460d38d1622", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45247", "type": "seen", "source": "https://bsky.app/profile/adobedigest.bsky.social/post/3mmrsr6k4ue2r", "content": "CVE-2026-45247 (CRITICAL) CVSS 9.8: https://experiencedigest.org/2026/05/26/cve-critical-cvss.html", "creation_timestamp": "2026-05-26T20:17:15.056017Z"}, {"uuid": "444ad208-91dc-4c05-bcdf-cd76a229d79f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45247", "type": "seen", "source": "https://bsky.app/profile/undercodenews.bsky.social/post/3mna4iortyw2d", "content": "CRITICAL ALERT: CVE-2026-45247 in Mirasvit Magento Cache Warmer Turns Trusted Plugin into Remote Code Execution Gateway (CVSS 98) +\u00a0Video\n\nIntroduction: When Performance Optimization Becomes a Server Takeover Path In the modern eCommerce world, speed is everything. Platforms like Magento and Adobe\u2026", "creation_timestamp": "2026-06-01T12:48:44.355542Z"}, {"uuid": "9ca165f4-242f-4979-825e-61a6fff9db10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45247", "type": "seen", "source": "https://bsky.app/profile/boredchilada.bsky.social/post/3mnfvuqbey32h", "content": "~Cisa~\nCISA added CVE-2026-45247 (Mirasvit Full Page Cache Warmer Deserialization) to its KEV catalog due to active exploitation.\n-\nIOCs: CVE-2026-45247\n-\n#CISA #CVE202645247 #ThreatIntel", "creation_timestamp": "2026-06-03T20:06:09.943166Z"}, {"uuid": "1d30a0d8-25b3-47d8-997a-eeb00819bcd9", "vulnerability_lookup_origin": "405284c2-e461-4670-8979-7fd2c9755a60", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45247", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/95748f0d-4729-4c94-9605-d8bb1c89553a", "content": "", "creation_timestamp": "2026-06-03T19:00:02.816291Z"}, {"uuid": "314a2764-2f2c-4d73-a405-a9ae2dca7f6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45247", "type": "seen", "source": "https://bsky.app/profile/happeningnow.news/post/3mnfu33uicp23", "content": "CISA Adds One Known Exploited Vulnerability to Catalog\nCISA has added one new vulnerability to its&nbsp; Known Exploited Vulnerabilities (KEV) Catalog , based on evidence of active exploitation. CVE-2026-45247 &nbsp;Mirasvit Full Page\u2026\n\n\ud83d\udd17 https://hnow.live/a/27163226", "creation_timestamp": "2026-06-03T19:33:56.237008Z"}, {"uuid": "1e0166e0-fc7d-46fd-9a1d-5a155e0479d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45247", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mng2xdl2uj2z", "content": "\ud83d\udccc CVE-2026-45247 - Mirasvit Full Page Cache Warmer for Magento 2 before version 1.11.12 contains a PHP object injection vulnerability that allows unauthenticated attacke... https://www.cyberhub.blog/cves/CVE-2026-45247", "creation_timestamp": "2026-06-03T21:37:05.985784Z"}, {"uuid": "76bf0e33-785c-48a4-a40e-68638f4851b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45247", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3mngibjddyt26", "content": "CISA\u304c\u65e2\u77e5\u306e\u60aa\u7528\u3055\u308c\u305f\u8106\u5f31\u6027\u30921\u4ef6\u30ab\u30bf\u30ed\u30b0\u306b\u8ffd\u52a0 \n\nCISA Adds One Known Exploited Vulnerability to Catalog  #CISA (Jun 3)\n\nCVE-2026-45247  Mirasvit \u30d5\u30eb\u30da\u30fc\u30b8\u30ad\u30e3\u30c3\u30b7\u30e5\u30a6\u30a9\u30fc\u30de\u30fc\u306e\u4fe1\u983c\u3067\u304d\u306a\u3044\u30c7\u30fc\u30bf\u306e\u9006\u30b7\u30ea\u30a2\u30eb\u5316\u306e\u8106\u5f31\u6027 \n\nwww.cisa.gov/news-events/...", "creation_timestamp": "2026-06-04T01:35:26.353379Z"}, {"uuid": "3bf58fbc-82a2-4305-b70d-1d25c1f9779c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45247", "type": "seen", "source": "https://bsky.app/profile/softfantw.eurosky.social/post/3mnh4rfjea22b", "content": "CISA Adds Exploited Magento RCE Flaw CVE-2026-45247 to KEV Catalog\n\nthehackernews.com/2026/06/cisa...", "creation_timestamp": "2026-06-04T07:42:15.441799Z"}, {"uuid": "14cfed48-1396-4e6e-be3d-3c524398c910", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45247", "type": "seen", "source": "https://bsky.app/profile/allaboutsecurity.bsky.social/post/3mnh5yrh56c2t", "content": "CISA stuft Magento-L\u00fccke CVE-2026-45247 als aktiv ausgenutzt ein - F\u00fcr Shop-Betreiber, die den Patch noch nicht eingespielt haben, z\u00e4hlt jetzt jede Stunde.\nwww.all-about-security.de/cisa-stuft-m...\n#cve", "creation_timestamp": "2026-06-04T08:04:20.186854Z"}, {"uuid": "32042eea-8d55-4a57-b143-d57c53da9c98", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45247", "type": "seen", "source": "https://bsky.app/profile/it4intserver.bsky.social/post/3mnh7asvyhe2v", "content": "iT4iNT SERVER CISA Adds Exploited Magento RCE Flaw CVE-2026-45247 to KEV Catalog VDS VPS Cloud #CISA #Cybersecurity #Magento #Vulnerabilities #RCE", "creation_timestamp": "2026-06-04T08:26:38.973248Z"}, {"uuid": "6afab9be-5061-469a-bca4-69a2d5a1fe82", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45247", "type": "seen", "source": "https://bsky.app/profile/ninjaowl.ai/post/3mnh7ehnuqx2a", "content": "CISA Adds Exploited Magento RCE Flaw CVE-2026-45247 to KEV Catalog #cybersecurity #hacking #news #infosec #security #technology #privacy thehackernews.com/20...", "creation_timestamp": "2026-06-04T08:28:44.218630Z"}, {"uuid": "4a4180f7-a44a-43b7-b639-5ae2aa21c4a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45247", "type": "seen", "source": "https://bsky.app/profile/infosecbriefly.bsky.social/post/3mnh7myv2al2p", "content": "CISA added CVE-2026-45247 to KEV after reports of active exploitation of Mirasvit Cache Warmer, enabling unauthenticated remote code execution via crafted cookie data.\n", "creation_timestamp": "2026-06-04T08:33:28.457308Z"}, {"uuid": "ff02427f-8adb-405f-a276-0c4d726648de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45247", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mnh7ppnbdj2g", "content": "CISA Adds Exploited Magento RCE Flaw CVE-2026-45247 to KEV Catalog", "creation_timestamp": "2026-06-04T08:34:58.759805Z"}, {"uuid": "091cefe0-a0d9-4ecb-901a-d713a04cc8a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45247", "type": "seen", "source": "https://bsky.app/profile/hapsis.bsky.social/post/3mnha5uijl22t", "content": "CISA Adds Exploited Magento RCE Flaw CVE-2026-45247 to KEV Catalog\n\nthehackernews.com/2026/06/cisa...\n\n#Cybersecurity #ThreatIntel #Vulnerability", "creation_timestamp": "2026-06-04T08:42:55.705436Z"}, {"uuid": "ab7ac4e7-5d8f-4fab-bfaa-dc980b366896", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45247", "type": "seen", "source": "https://bsky.app/profile/cybersecurity0001.bsky.social/post/3mnha6riqul23", "content": "CISA Adds Exploited Magento RCE Flaw CVE-2026-45247 to KEV Catalog", "creation_timestamp": "2026-06-04T08:43:24.310030Z"}, {"uuid": "c4f5c22b-ea29-4687-a287-10280d2c011d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45247", "type": "seen", "source": "https://t.me/ctinow/251273", "content": "CISA Adds Exploited Magento RCE Flaw CVE-2026-45247 to KEV Catalog\nhttps://ift.tt/9eoaV8q", "creation_timestamp": "2026-06-04T08:29:42.000000Z"}, {"uuid": "68fbfced-5f78-4410-a499-aa4346caf5c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45247", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3mnhb5hxdzf2p", "content": "CISA Adds Exploited Magento RCE Flaw CVE-2026-45247 to KEV Catalog\n\n**Critical Alert:** A severe vulnerability (CVE-2026-45247) has been identified \n\nhttps://securitycyber.uk\n\n\n\nTraining: https://www.hackthebox.com https://portswigger.net/web-security", "creation_timestamp": "2026-06-04T09:00:34.250897Z"}, {"uuid": "23bfe7e5-e334-4a6d-8741-fd7f2fc03c15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45247", "type": "seen", "source": "https://bsky.app/profile/aegisbot.bsky.social/post/3mnhbkv65us2p", "content": "\ud83d\udea8 CISA KEV [CVSS 9.8 \u00b7 CRITICAL]\nCISA Adds Exploited Magento RCE Flaw CVE-2026-45247 to KEV Catalog\n\nhttps://thehackernews.com/2026/06/cisa-adds-exploited-magento-rce-flaw.html\n\n#CISA #KEV #PatchNow", "creation_timestamp": "2026-06-04T09:08:05.806517Z"}, {"uuid": "62867294-1e97-4d11-8f7c-60169cc721d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-45247", "type": "seen", "source": "https://bsky.app/profile/blindthoughts.bsky.social/post/3mnhbzwyhsb2v", "content": "CISA Flags Actively Exploited Magento RCE CVE-2026-45247 \u2014 Patch Now\n\nhttps://blindthoughts.com/cisa-magento-rce-cve-2026-45247-kev\n\n#magento #rce #cisakev #vulnerability #patch", "creation_timestamp": "2026-06-04T09:16:29.652163Z"}, {"uuid": "29294fec-877e-4855-8658-aa34f5c6295a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45247", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mnhdnqm6pd2h", "content": "CISA added CVE-2026-45247 to its KEV catalog after active exploitation of a Mirasvit Cache Warmer flaw that can enable unauthenticated RCE in Magento stores via a crafted cookie. #CISA #Magento #Mirasvit", "creation_timestamp": "2026-06-04T09:45:28.266202Z"}, {"uuid": "9b8687be-ba92-4bbe-a097-078b2cc52816", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45247", "type": "seen", "source": "https://thehackernews.com/2026/06/cisa-adds-exploited-magento-rce-flaw.html", "content": "The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical flaw impacting Mirasvit Cache Warmer, a popular Magento full-page cache extension, to its Known Exploited Vulnerabilities (KEV) catalog, following reports of active exploitation in the wild.\n\nThe vulnerability, tracked as CVE-2026-45247 (CVSS score: 9.8), is a case of deserialization of untrusted", "creation_timestamp": "2026-06-04T05:19:33.000000Z"}, {"uuid": "ad8d7173-0f3d-41d3-a79e-ee8aa99de004", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45247", "type": "seen", "source": "https://bsky.app/profile/infosecbriefly.bsky.social/post/3mnhmfa43pi2t", "content": "CISA urged federal agencies to patch CVE-2026-45247 in Mirasvit Full Page Cache Warmer for Magento 2, exploited for unauthenticated remote code execution.\n", "creation_timestamp": "2026-06-04T12:21:45.956929Z"}, {"uuid": "d6175602-3831-4fcb-bfc9-e2b1f9aa8c21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45247", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mnhr2stteh2k", "content": "CISA says CVE-2026-45247 in Mirasvit Full Page Cache Warmer for Magento 2 is being exploited for remote code execution. Versions before 1.11.12 are affected. Watch for suspicious CacheWarmer cookies. #CVE202645247 #Mirasvit #Magento2", "creation_timestamp": "2026-06-04T13:45:26.045678Z"}, {"uuid": "95bfd8c0-84eb-4956-a3c5-40cd02aa2df8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45247", "type": "seen", "source": "https://t.me/TengkorakCyberCrewzz/10898", "content": "CISA Adds Exploited Magento RCE Flaw CVE-2026-45247 to KEV Catalog \u2013 thehackernews.com\n\nThu, 04 Jun 2026 15:19:33", "creation_timestamp": "2026-06-04T12:03:00.000000Z"}, {"uuid": "ee3762de-0869-41c1-9574-5296e5f4dc7d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45247", "type": "seen", "source": "https://bsky.app/profile/thecybermind.co/post/3mnjkwzxunx2a", "content": "\ud83d\udea8 EXECUTIVE ADVISORY: CISA flags CVE-2026-45247 in Mirasvit Cache Warmer as an active ransomware threat vector. Total business interruption risk. Mandatory remediation deadline is June 6, 2026. Protect your edge.\nhttps://thecybermind.co/y1lw\n\n#Cybersecurity #CISA #RiskManagement #TheCyberMind", "creation_timestamp": "2026-06-05T07:01:15.540151Z"}, {"uuid": "0a5a4980-7e81-4dbc-8b66-e739771ef8e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45247", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3mnjpiddcrm2f", "content": "\ud83d\udea8 [CRITICAL INFRASTRUCTURE ALERT]: CVE-2026-45247\n\n\u2022 CVE ID: CVE-2026-45247\n\u2022 CVSS Score: 9.8 (Critical)\n\u2022 Affected: Cisa Adds Expl\n\nhttps://securitycyber.uk", "creation_timestamp": "2026-06-05T08:22:30.029959Z"}, {"uuid": "fa32a82b-6a5f-47c9-994a-cabf79764b88", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45247", "type": "seen", "source": "https://bsky.app/profile/thecybermind.co/post/3mnjptoazfz2q", "content": "\ud83d\udee0\ufe0f TECHNICAL DEEP-DIVE: Dissecting the Mirasvit deserialization vulnerability (CVE-2026-45247) allowing unauthenticated RCE via the CacheWarmer cookie. Full forensic breakdown, WAF mitigation scripts, and ring-fencing protocols inside. https://thecybermind.co/znl8\n\n#Infosec #PHP #AppSec\u2026", "creation_timestamp": "2026-06-05T08:28:51.310272Z"}, {"uuid": "fe6b9ae4-441b-4257-8c74-a2e49c2d94a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45247", "type": "seen", "source": "https://bsky.app/profile/thecybermind.co/post/3mnjptoazfz2q", "content": "\ud83d\udee0\ufe0f TECHNICAL DEEP-DIVE: Dissecting the Mirasvit deserialization vulnerability (CVE-2026-45247) allowing unauthenticated RCE via the CacheWarmer cookie. Full forensic breakdown, WAF mitigation scripts, and ring-fencing protocols inside. https://thecybermind.co/znl8\n\n#Infosec #PHP #AppSec\u2026", "creation_timestamp": "2026-06-05T08:28:51.334707Z"}, {"uuid": "9126c116-7267-426a-b6d3-45ccd2163a8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45247", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3mnjqbmbsr42p", "content": "\ud83d\udea8 [CRITICAL INFRASTRUCTURE ALERT]: CVE-2026-45247\n\n\u2022 CVE ID: CVE-2026-45247\n\u2022 CVSS Score: 9.8 (Critical)\n\u2022 Affected: Cisa Adds Expl\n\nhttps://securitycyber.uk", "creation_timestamp": "2026-06-05T08:36:38.316156Z"}, {"uuid": "5ee47dc5-e4ad-416a-b0fb-21f5182ac1d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45247", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3mnjqbmbsr42p", "content": "\ud83d\udea8 [CRITICAL INFRASTRUCTURE ALERT]: CVE-2026-45247\n\n\u2022 CVE ID: CVE-2026-45247\n\u2022 CVSS Score: 9.8 (Critical)\n\u2022 Affected: Cisa Adds Expl\n\nhttps://securitycyber.uk", "creation_timestamp": "2026-06-05T08:36:38.320375Z"}, {"uuid": "11be3b31-89b6-4aeb-a4a7-c6ac8a208a6c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45247", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3mnjrk4kfpo2p", "content": "\ud83d\udea8 [CRITICAL INFRASTRUCTURE ALERT]: CVE-2026-45247\n\n\u2022 CVE ID: CVE-2026-45247\n\u2022 CVSS Score: 9.8 (Critical)\n\u2022 Affected: Magento\n\nhttps://securitycyber.uk", "creation_timestamp": "2026-06-05T08:59:17.549206Z"}, {"uuid": "4cf1c92d-ec20-481a-9c1c-ecadd74fa3fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45247", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3mnjrk4kfpo2p", "content": "\ud83d\udea8 [CRITICAL INFRASTRUCTURE ALERT]: CVE-2026-45247\n\n\u2022 CVE ID: CVE-2026-45247\n\u2022 CVSS Score: 9.8 (Critical)\n\u2022 Affected: Magento\n\nhttps://securitycyber.uk", "creation_timestamp": "2026-06-05T08:59:17.540758Z"}, {"uuid": "914696f3-4b50-40b1-b7ea-7a91a0f46d95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-45247", "type": "seen", "source": "https://www.cert.se/2026/06/cert-se-veckobrev-v23.html", "content": "", "creation_timestamp": "2026-06-05T05:50:00.000000Z"}, {"uuid": "d2b1d9de-1a55-4db6-9e1f-3fb24c8f0c6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45247", "type": "seen", "source": "https://bsky.app/profile/thedailytechfeed.com/post/3mnkpi4npnu2v", "content": "Critical RCE vulnerability (CVE-2026-45247) in Magento's Mirasvit Cache Warmer extension actively exploited. Immediate update to version 1.11.12 recommended. #Magento #CyberSecurity #RCE Link: thedailytechfeed.com/critical-rem...", "creation_timestamp": "2026-06-05T17:55:04.060429Z"}, {"uuid": "597663fd-f700-476c-86a3-821d4cc62c9d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45247", "type": "seen", "source": "https://t.me/true_secator/8286", "content": "\u041f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u043c \u0434\u0435\u043b\u0438\u0442\u044c\u0441\u044f \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u044f\u043c\u0438 \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0445 \u0438 \u0442\u0440\u0435\u043d\u0434\u043e\u0432\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043d\u0430 \u0441\u0435\u0433\u043e\u0434\u043d\u044f \u043f\u043e\u0434\u0431\u043e\u0440\u043a\u0430 \u0432\u044b\u0433\u043b\u044f\u0434\u0438\u0442 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c:\n\n1. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 0x12 Dark Development \u0432\u044b\u043a\u0430\u0442\u0438\u043b\u0438 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u043d\u043e\u0432\u043e\u0439 \u0442\u0435\u0445\u043d\u0438\u043a\u0438 \u043f\u043e\u0434 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435\u043c Bring Your Own RWX Region DLL (BYORWXDLL).\n\n\u0412\u043c\u0435\u0441\u0442\u043e \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0443\u0441\u0442\u0430\u0440\u0435\u0432\u0448\u0435\u0433\u043e \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0430 \u0434\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438, \u044d\u0442\u0430 \u0442\u0435\u0445\u043d\u0438\u043a\u0430 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0435\u0442 \u043b\u0435\u0433\u0438\u0442\u0438\u043c\u043d\u044b\u0435 DLL \u0441 \u043f\u0440\u0435\u0434\u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u043c\u0438 RWX (\u0447\u0442\u0435\u043d\u0438\u0435+\u0437\u0430\u043f\u0438\u0441\u044c+\u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435) \u043e\u0431\u043b\u0430\u0441\u0442\u044f\u043c\u0438 \u043f\u0430\u043c\u044f\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0434\u043b\u044f \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u0448\u0435\u043b\u043b\u043a\u043e\u0434\u0430.\n\n2. Manifold \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0441\u0435\u0440\u0432\u0435\u0440\u0435 n8n MCP, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0434\u0430\u043d\u043d\u044b\u043c \u0434\u0440\u0443\u0433\u0438\u0445 \u0430\u0440\u0435\u043d\u0434\u0430\u0442\u043e\u0440\u043e\u0432 \u0432 \u043c\u043d\u043e\u0433\u043e\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u0438\u0445 \u0441\u0440\u0435\u0434\u0430\u0445 n8n.\n\n3. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 GitHub Action \u043e\u0442 Anthropic \u043f\u043e\u0434 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435\u043c Claude Code, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0437\u0430\u0445\u0432\u0430\u0442\u044b\u0432\u0430\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u043e\u0431\u0449\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0435 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0435 \u044d\u0442\u043e\u0442 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442, \u0438\u043c\u0435\u044f \u043f\u0440\u0438 \u0441\u0435\u0431\u0435 \u043b\u0438\u0448\u044c \u043e\u0434\u043d\u0443 \u043e\u0442\u043a\u0440\u044b\u0442\u0443\u044e \u0437\u0430\u0434\u0430\u0447\u0443 \u043d\u0430 GitHub.\u00a0\n\n\u041f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0441\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0439 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0439 Action \u043e\u0442 Anthropic \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b \u0442\u043e\u0442 \u0436\u0435 \u0440\u0430\u0431\u043e\u0447\u0438\u0439 \u043f\u0440\u043e\u0446\u0435\u0441\u0441, \u0443\u0441\u043f\u0435\u0448\u043d\u0430\u044f \u0430\u0442\u0430\u043a\u0430 \u043c\u043e\u0433\u043b\u0430 \u0431\u044b \u0432\u043d\u0435\u0434\u0440\u0438\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u043a\u043e\u0434 \u0432 \u0441\u0430\u043c Action \u0438 \u0432 \u043f\u0440\u043e\u0435\u043a\u0442\u044b, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0435\u0433\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442.\n\n\u041e \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0435 \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0430 GMO Flatt Security, \u0430 Anthropic\u00a0\u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0430 \u0435\u0451 \u0432 \u0442\u0435\u0447\u0435\u043d\u0438\u0435 \u0447\u0435\u0442\u044b\u0440\u0451\u0445 \u0434\u043d\u0435\u0439. \u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u044b \u0432 \u043f\u0430\u043a\u0435\u0442 claude-code-action v1.0.94. Anthropic \u043e\u0446\u0435\u043d\u0438\u043b\u0430 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 \u043d\u0430 7,8 \u0431\u0430\u043b\u043b\u0430 \u043f\u043e \u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u0443 CVSS v4.0 \u0438 \u0432\u044b\u043f\u043b\u0430\u0442\u0438\u043b\u0430 \u0432\u043e\u0437\u043d\u0430\u0433\u0440\u0430\u0436\u0434\u0435\u043d\u0438\u0435 \u0437\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438.\n\n4. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 SafeBreach \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0433\u043e\u043b\u043e\u0441\u043e\u0432\u043e\u043c \u043f\u043e\u043c\u043e\u0449\u043d\u0438\u043a\u0435 Google Gemini, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0437\u0430\u0445\u0432\u0430\u0442\u0438\u0442\u044c \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 \u0418\u0418, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u043a\u043e\u0441\u0432\u0435\u043d\u043d\u044b\u0435 \u043f\u043e\u0434\u0441\u043a\u0430\u0437\u043a\u0438, \u043f\u0435\u0440\u0435\u0434\u0430\u0432\u0430\u0435\u043c\u044b\u0435 \u0447\u0435\u0440\u0435\u0437 \u043e\u0431\u044b\u0447\u043d\u044b\u0435 \u0443\u0432\u0435\u0434\u043e\u043c\u043b\u0435\u043d\u0438\u044f \u0432 \u043c\u0435\u0441\u0441\u0435\u043d\u0434\u0436\u0435\u0440\u0430\u0445.\n\n\u041e\u0441\u043d\u043e\u0432\u044b\u0432\u0430\u044f\u0441\u044c \u043d\u0430 \u0441\u0432\u043e\u0438\u0445 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0438\u0445 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f\u0445, SafeBreach \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430 \u0432 \u0446\u0435\u043b\u043e\u043c \u043d\u043e\u0432\u044b\u0439 \u043a\u043b\u0430\u0441\u0441 \u0430\u0442\u0430\u043a, \u043d\u0430\u0437\u0432\u0430\u043d\u043d\u044b\u0439 Fake Context Alignment.\n\n5. \u0425\u0430\u043a\u0435\u0440\u044b \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043f\u043b\u0430\u0433\u0438\u043d\u0435 WordPress Everest Forms Pro \u0441 4000 \u0430\u043a\u0442\u0438\u0432\u043d\u044b\u043c\u0438 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430\u043c\u0438 \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430, \u0447\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043f\u043e\u043b\u043d\u043e\u0439 \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438 \u0441\u0430\u0439\u0442\u0430.\n\n\u0420\u0435\u0447\u044c \u0438\u0434\u0451\u0442 \u043e CVE-2026-3300 (CVSS: 9.8), \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0449\u0435\u0439 \u0441\u043e\u0431\u043e\u0439 \u043e\u0448\u0438\u0431\u043a\u0443 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0443\u044e \u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u043f\u043b\u0430\u0433\u0438\u043d\u0430 \u0432\u043f\u043b\u043e\u0442\u044c \u0434\u043e 1.9.12 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e. \u041f\u0430\u0442\u0447 \u0434\u043b\u044f \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0431\u044b\u043b \u0432\u044b\u043f\u0443\u0449\u0435\u043d 18 \u043c\u0430\u0440\u0442\u0430 2026 \u0433\u043e\u0434\u0430 \u0432 \u0432\u0435\u0440\u0441\u0438\u0438 1.9.13.\n\n6. \u041f\u043e\u0441\u043b\u0435 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438 \u043a\u043e\u0434\u0430 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430 Cisco \u0442\u0430\u043a \u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 CVE-2026-20230 \u0432 Unified Communications Manager, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0430 \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432 \u0441\u0435\u0442\u0438 \u0437\u0430\u043f\u0438\u0441\u044b\u0432\u0430\u0442\u044c \u0444\u0430\u0439\u043b\u044b \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e \u0438 \u043e\u0442\u0442\u0443\u0434\u0430 \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c \u043f\u0440\u0430\u0432\u0430 root. Cisco \u0437\u0430\u044f\u0432\u043b\u044f\u0435\u0442, \u0447\u0442\u043e \u0430\u0442\u0430\u043a \u043f\u043e\u043a\u0430 \u043d\u0435 \u0437\u0430\u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u043e.\u00a0\n\n7. \u0412 Tier Zero Security \u043d\u0430\u0448\u043b\u0438 \u0441\u043f\u043e\u0441\u043e\u0431 \u043e\u0431\u043e\u0439\u0442\u0438 Mark of the Web, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u043a\u043e\u0434, \u0441\u043a\u0440\u044b\u0442\u044b\u0439 \u0432 \u0444\u0430\u0439\u043b\u0430\u0445 .targets NuGet. \u0417\u0430\u0434\u0430\u0447\u0438 \u0432 \u044d\u0442\u0438\u0445 \u0444\u0430\u0439\u043b\u0430\u0445 \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u044e\u0442\u0441\u044f \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u043f\u0440\u0438 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0435 \u0438\u043b\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0438 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a NuGet. MSRC \u043d\u0430\u0437\u0432\u0430\u043b\u0430 \u044d\u0442\u043e \u043d\u0435 \u043e\u0448\u0438\u0431\u043a\u043e\u0439, \u0430 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e\u0441\u0442\u044c\u044e.\n\n8. \u0412 \u041f\u041e \u0434\u043b\u044f \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0435\u043a\u0442\u0430\u043c\u0438 SOPlanning \u0437\u0430\u043a\u0440\u044b\u0442\u043e \u0441\u0435\u043c\u044c \u043e\u0448\u0438\u0431\u043e\u043a, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0434\u043e\u0432\u043e\u043b\u044c\u043d\u043e \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0445, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u043b\u0438 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0434\u043b\u044f SQL-\u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0439, \u043a\u0440\u0430\u0436\u0438 \u0440\u0435\u0437\u0435\u0440\u0432\u043d\u044b\u0445 \u043a\u043e\u043f\u0438\u0439, \u0430\u0442\u0430\u043a \u0441 \u043e\u0431\u0445\u043e\u0434\u043e\u043c \u043f\u0443\u0442\u0438 \u0438 \u043c\u043d\u043e\u0433\u043e\u0433\u043e \u0434\u0440\u0443\u0433\u043e\u0433\u043e.\n\n9. OpenSSL \u043e\u0431\u044a\u044f\u0432\u0438\u043b\u0430 \u043e\u0431 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f\u0445 \u043d\u0430 \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 PatchTuesday. \u041d\u0438\u0447\u0435\u0433\u043e \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e, \u043d\u043e \u0435\u0441\u0442\u044c \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u043e\u0448\u0438\u0431\u043e\u043a \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438.\n\n10. \u0418\u0437\u0440\u0430\u0438\u043b\u044c\u0441\u043a\u0438\u0439 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0419\u0435\u043d\u0438 \u0428\u0435\u0440\u0435\u0437 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b \u043e\u0442\u0447\u0435\u0442 \u0432 \u043e\u0442\u043d\u043e\u0448\u0435\u043d\u0438\u0438 DarkReplica (CVE-2026-23631), RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u0441\u043b\u0435 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0432 Redis, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043e\u043d \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043b \u043d\u0430 \u043f\u0440\u043e\u0448\u043b\u043e\u0433\u043e\u0434\u043d\u0435\u043c \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u043e\u043c \u043a\u043e\u043d\u043a\u0443\u0440\u0441\u0435 ZeroDayCloud.\n\n11. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043c\u0435\u0436\u0441\u0435\u0442\u0435\u0432\u043e\u043c \u044d\u043a\u0440\u0430\u043d\u0435 Comodo Internet Security \u0441\u043f\u043e\u0441\u043e\u0431\u043d\u0430 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0441\u0431\u043e\u044e \u0441\u0438\u0441\u0442\u0435\u043c\u044b Windows \u0432\u0441\u0435\u0433\u043e \u043e\u0434\u043d\u0438\u043c \u043f\u0430\u043a\u0435\u0442\u043e\u043c \u0434\u0430\u043d\u043d\u044b\u0445.\n\n\u041e\u0448\u0438\u0431\u043a\u0430 \u0432\u044b\u0437\u0432\u0430\u043d\u0430 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u043e\u0439 \u0430\u043d\u0430\u043b\u0438\u0437\u0430 IP \u0432 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0435 \u043c\u0435\u0436\u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u044d\u043a\u0440\u0430\u043d\u0430. \u041e\u043d\u0430 \u0434\u043e \u0441\u0438\u0445 \u043f\u043e\u0440 \u043d\u0435 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044c \u043d\u0435 \u043e\u0442\u0432\u0435\u0442\u0438\u043b \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044e \u041c\u0430\u0440\u043a\u0443\u0441\u0443 \u0425\u0430\u0442\u0447\u0438\u043d\u0441\u0443. PoC \u0442\u0430\u043a\u0436\u0435 \u0438\u043c\u0435\u0435\u0442\u0441\u044f.\n\n12. CISA \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442 \u043e \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2026-45247 (CVSS 9,8) \u0432 \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u0438 Mirasvit Full Page Cache Warmer \u0434\u043b\u044f Magento 2, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438 \u0434\u043b\u044f RCE.\n\n\u041a\u0430\u043a \u043e\u0442\u043c\u0435\u0447\u0430\u0435\u0442 Sansec, \u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Mirasvit, \u0432\u043d\u0435\u0434\u0440\u044f\u044f \u0432 cookie-\u0444\u0430\u0439\u043b CacheWarmer \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0435 \u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u0435 PHP-\u043e\u0431\u044a\u0435\u043a\u0442\u044b, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0434\u0435\u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u0443\u044e\u0442\u0441\u044f \u0431\u0435\u0437 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u043a\u043b\u0430\u0441\u0441\u043e\u0432, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0441\u043e\u0437\u0434\u0430\u043d\u044b.", "creation_timestamp": "2026-06-05T18:00:06.000000Z"}, {"uuid": "16165e5e-db3b-4c86-95b0-e3597d15fbfb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45247", "type": "seen", "source": "Telegram/hAogTto79Jt-ZuW6Hp_UeFLdQ6LmAiGRTnFY6xKkiQBfaYY", "content": "", "creation_timestamp": "2026-06-04T21:00:04.000000Z"}, {"uuid": "bf74bbf7-b31d-4151-877d-5bbe5d669f10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45247", "type": "seen", "source": "https://bsky.app/profile/cyberlensai.bsky.social/post/3mnowu7ukyz25", "content": "CVE watch: CVE-2026-45247: Mirasvit Mirasvit Full Page Cache Warmer \u2014 Mirasvit\u2026\n\nCheck exposure, dependency, and agent/tool access before panic-patching. Inventory beats vibes.\n\nSource: cisa.gov\nhttps://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2026-45247", "creation_timestamp": "2026-06-07T10:17:44.393572Z"}, {"uuid": "f061dec7-00d5-4941-a710-83f4ab166d92", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45247", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3mnupuur4em2q", "content": "\ud83d\udd34 CVE-2026-45247 (CVSS 9.8) \u2014 Magento 2 RCE. If you run Magento, patch today. securitycyber.uk", "creation_timestamp": "2026-06-09T17:28:53.105771Z"}, {"uuid": "bd494e2e-0d04-43a2-9342-0f3d04778e58", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45247", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3mnuu52lv232h", "content": "\ud83d\udd34 CRITICAL: CVE-2026-45247 \u2014 CISA Adds KEV: Critical RCE in Adobe Commerce \u2014 Active Exploitation Confirmed\n\nhttps://www.cisa.gov/known-exploited-vulnerabilities-catalog", "creation_timestamp": "2026-06-09T18:44:57.729967Z"}, {"uuid": "a4f093ed-f0af-48f8-a0bd-31de99bfab91", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45247", "type": "seen", "source": "https://bsky.app/profile/patchdayalert.com/post/3mnvjeobq6n2o", "content": "Magento + Mirasvit Cache Warmer = remote code execution via one cookie. CVE-2026-45247 is live, under active attack, CISA deadline Saturday. Act today.\n\npatchdayalert.com/blog/mirasvi...", "creation_timestamp": "2026-06-10T01:05:51.439332Z"}, {"uuid": "b3f528d9-41de-4044-9b42-570587616ae7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45247", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3mnwz2hxp5r2x", "content": "\ud83d\udea8 CRITICAL \u2014 CVE-2026-45247 (CVSS 9.8)\n\nPHP object injection vulnerability allowing unauthenticated attackers to achieve remote code execution before version 1.11.12\nAffects: Mirasvit Full Page Cache Warmer for Magento 2 before v1.11.12\n\nIf you run this extension, patch immediately. Unauthenticated ", "creation_timestamp": "2026-06-10T15:18:19.269928Z"}, {"uuid": "60700e00-de42-421e-8dc9-69e1bce182c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45247", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3mo4erk4fby26", "content": "\ud83d\udea8 CRITICAL \u2014 CVE-2026-45247 | CVSS 9.8 | CISA KEV ACTIVE EXPLOITATION\n\nMirasvit Full Page Cache Warmer &lt; 1.11.12 \u2014 Unauthenticated PHP Object Injection \u2192 RCE\n\nA single crafted CacheWarmer cookie on any storefront page = full unauth RCE via Magento gadget chains. CISA added to KEV 2026-06-03 (due 202", "creation_timestamp": "2026-06-12T18:31:23.298125Z"}, {"uuid": "03cfe4db-79ea-4b45-9ecf-217062cb454d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45247", "type": "published-proof-of-concept", "source": "Telegram/zuaenQnFGWDCKOr6rNa5-YAqq3JVsHmPVXkOzfQQMF7sHIs", "content": "", "creation_timestamp": "2026-06-10T03:00:06.000000Z"}, {"uuid": "c6a7cdbd-0009-420d-ae2d-85c6ba1d6117", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45247", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/b506f4f7-f803-428f-9809-3cdb30f9afca", "content": "", "creation_timestamp": "2026-06-19T12:45:10.733854Z"}, {"uuid": "3d94d037-fbee-45b8-b225-5bf4d8f0f6a0", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45247", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/8a2027fb-b891-4d63-926d-c5ccff81bc24", "content": "", "creation_timestamp": "2026-06-23T14:03:02.214945Z"}]}