{"vulnerability": "cve-2026-48907", "sightings": [{"uuid": "7c774fdc-95db-4f83-be5e-6402029a2adb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mnjqzbo4aw2q", "content": "CVE-2026-48907 - Joomla Extension - joomlacontenteditor.net - Remote Code Execution in JCE extension for Joomla\nCVE ID : CVE-2026-48907\n \n Published : June 5, 2026, 8:16 a.m. | 16\u00a0minutes ago\n \n Description : A vulnerability in the JCE editor extension for Joomla allows the cr...", "creation_timestamp": "2026-06-05T08:49:52.768446Z"}, {"uuid": "2c752e5e-0b1c-4309-9f6a-27402122a5cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mnjqzbo4aw2q", "content": "CVE-2026-48907 - Joomla Extension - joomlacontenteditor.net - Remote Code Execution in JCE extension for Joomla\nCVE ID : CVE-2026-48907\n \n Published : June 5, 2026, 8:16 a.m. | 16\u00a0minutes ago\n \n Description : A vulnerability in the JCE editor extension for Joomla allows the cr...", "creation_timestamp": "2026-06-05T08:49:52.767565Z"}, {"uuid": "4ffc6e37-b1ef-4097-95f9-254c07c47c10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-48907", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116696680833602850", "content": "\ud83d\udea8 CRITICAL: Joomla Content Editor (JCE) vuln (CVE-2026-48907) allows unauthenticated PHP upload & exec (v1.0.0 \u2013 2.9.99.4). No patch yet \u2014 restrict or disable JCE & monitor systems. Details: https://radar.offseq.com/threat/cve-2026-48907-cwe-284-improper-access-control-in--ff15bdc3 #OffSeq #Joomla #Vuln #InfoSec", "creation_timestamp": "2026-06-05T09:00:38.352983Z"}, {"uuid": "d9f7b01a-0eb7-43c8-8ec7-9174455b385e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-48907", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mnjrmkgh2423", "content": "Joomla Content Editor (JCE) CRITICAL vuln lets unauth users upload & run PHP (v1.0.0 \u2013 2.9.99.4). No patch yet \u2014 restrict or disable JCE + monitor activity. Stay updated: https://radar.offseq.com/threat/cve-2026-48907-cwe-284-improper-access-control-in--ff15bdc3 #OffSeq #Joomla #SecurityAlert", "creation_timestamp": "2026-06-05T09:00:39.902780Z"}, {"uuid": "75ff94c7-b57c-4db5-a91b-b18ffc562869", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-48907", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mnjrmkgh2423", "content": "Joomla Content Editor (JCE) CRITICAL vuln lets unauth users upload & run PHP (v1.0.0 \u2013 2.9.99.4). No patch yet \u2014 restrict or disable JCE + monitor activity. Stay updated: https://radar.offseq.com/threat/cve-2026-48907-cwe-284-improper-access-control-in--ff15bdc3 #OffSeq #Joomla #SecurityAlert", "creation_timestamp": "2026-06-05T09:00:39.901516Z"}, {"uuid": "77ba11c9-dd08-4b44-881a-d31629e80f87", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2026/CVE-2026-48907.yaml", "content": "", "creation_timestamp": "2026-06-11T15:38:57.000000Z"}, {"uuid": "6e7da8eb-ecaa-4cc9-b4bd-6755e44a67b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/undercode.bsky.social/post/3mod2vypzwg22", "content": "CVE-2026-48907 (CVSS 100): The Unauthenticated RCE That Turns Your Joomla Site into a Pwned Statistic +\u00a0Video\n\nIntroduction: A new zero\u2011click Remote Code Execution (RCE) vulnerability has been discovered in the popular Joomla Content Editor (JCE) extension. Tracked as CVE\u20112026\u201148907 and carrying a\u2026", "creation_timestamp": "2026-06-15T10:23:34.069509Z"}, {"uuid": "abe88bc5-c055-4d63-ad53-c7f0a1f6cfac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://www.acn.gov.it/portale/w/joomla-jce-sfruttamento-attivo-in-rete-della-cve-2026-48907", "content": "Rilevato sfruttamento attivo in rete della CVE-2026-48907 \u2013 gi\u00e0 sanata dal vendor \u2013 presente nel plugin Joomla Content Editor (JCE) estensione per il noto CMS Joomla! utilizzata per la gestione avanzata dei contenuti, Tale vulnerabilit\u00e0, qualora sfruttata, potrebbe consentire ad un utente malintenzionato remoto di eseguire codice arbitrario sui sistemi interessati.", "creation_timestamp": "2026-06-15T11:32:15.000000Z"}, {"uuid": "e1ada4c7-b083-447a-b53c-efd5a5ba9682", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/cvesentinel.bsky.social/post/3mogkt2xx362u", "content": "\ud83d\uded1 CVE-2026-48907\nWidget Factory Joomla Content Editor\nCVSS 10.0 / EPSS 1% / KEV \u2705\nTL;DR: A vulnerability in the JCE editor extension for Joomla allows the creat\u2026\nhttps://cvesentinel.com/report/CVE-2026-48907?utm_source=bluesky&utm_medium=social&utm_campaign=cvesentinel\n#infosec #CVE #vulnerability", "creation_timestamp": "2026-06-16T19:46:14.387856Z"}, {"uuid": "f99098c7-a2d3-4114-be78-1866ace92fb9", "vulnerability_lookup_origin": "405284c2-e461-4670-8979-7fd2c9755a60", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/b71394c1-e100-4ea5-9f11-216c0892d268", "content": "", "creation_timestamp": "2026-06-16T20:00:01.385475Z"}, {"uuid": "29e14271-14a8-4754-9fc4-a196849370e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/secdb.bsky.social/post/3mogoxjqp6j2k", "content": "\ud83d\udea8 CISA Adds One Known Exploited Vulnerability to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0616)\n\n\u26a0\ufe0f CVE-2026-48907 - Widget Factory Joomla Content Editor Improper Access Control Vulnerability\n\n\n#ZEN #SecDB #InfoSec #CISA_KEV", "creation_timestamp": "2026-06-16T21:00:18.882316Z"}, {"uuid": "1921f669-6a0a-4b81-96ff-bc620e134365", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/thedailytechfeed.com/post/3mohosgpgxs24", "content": "CISA warns of active exploitation of Joomla JCE vulnerability CVE-2026-48907; update to version 2.9.99.5 now. #Cybersecurity #Joomla #CISA #Vulnerability #PHP #CMS thedailytechfeed.com/cisa-alerts-...", "creation_timestamp": "2026-06-17T06:30:08.689925Z"}, {"uuid": "fba7ff49-102b-4845-b96c-d0395d9a4b11", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3mohoxuuzhd2v", "content": "CISA\u304c\u65e2\u77e5\u306e\u60aa\u7528\u3055\u308c\u305f\u8106\u5f31\u6027\u30921\u4ef6\u30ab\u30bf\u30ed\u30b0\u306b\u8ffd\u52a0 \n\nCISA Adds One Known Exploited Vulnerability to Catalog  #CISA (Jun 16)\n\nCVE-2026-48907 Widget Factory Joomla\u30b3\u30f3\u30c6\u30f3\u30c4\u30a8\u30c7\u30a3\u30bf\u30fc\u306e\u4e0d\u9069\u5207\u306a\u30a2\u30af\u30bb\u30b9\u5236\u5fa1\u306e\u8106\u5f31\u6027 \n\nwww.cisa.gov/news-events/...", "creation_timestamp": "2026-06-17T06:33:10.225340Z"}, {"uuid": "7812cb5b-d5bb-41cb-a83c-04fc8f074b9b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://thehackernews.com/2026/06/cisa-warns-of-actively-exploited-joomla.html", "content": "The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a maximum-severity security flaw impacting Widget Factory Joomla Content Editor (JCE) to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.\n\nThe vulnerability, tracked as CVE-2026-48907 (CVSS score: 10.0), is a case of improper access control that could facilitate arbitrary", "creation_timestamp": "2026-06-17T03:50:46.000000Z"}, {"uuid": "857e3d31-95f4-4c42-a1bc-a988ec53b93a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mohx74eegi2l", "content": "Joomla JCE CVE-2026-48907 and LiteSpeed cPanel CVE-2026-54420 are being actively exploited, enabling file uploads, PHP execution, and possible root escalation on shared hosting servers. #Joomla #LiteSpeed #CISA", "creation_timestamp": "2026-06-17T09:00:23.896971Z"}, {"uuid": "8c38ce12-9dc7-414b-a1f5-8531c987f339", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3mohsppl7pam2", "content": "CISA Warns of Actively Exploited Joomla JCE Flaw Allowing PHP Code Execution TheHackerNews CISA added CVE-2026-48907 in Joomla JCE to its KEV catalog after active exploitation; fixes are due by Jun...\n\n#Security #News\n\nOrigin | Interest | Match", "creation_timestamp": "2026-06-17T07:41:20.325740Z"}, {"uuid": "2d7320f2-9f86-4573-8fe0-50a51bbbd253", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/postac001.bsky.social/post/3mohvil276i2h", "content": "Joomla JCE\u306bPHP\u30b3\u30fc\u30c9\u5b9f\u884c\u3092\u8a31\u3059\u8106\u5f31\u6027(CVE-2026-48907)\u304c\u767a\u898b\u3055\u308c\u3001CISA\u304c\u6ce8\u610f\u559a\u8d77\u3002\u60aa\u7528\u304c\u78ba\u8a8d\u3055\u308c\u3066\u3044\u308b\u3002", "creation_timestamp": "2026-06-17T08:29:53.827874Z"}, {"uuid": "68a5ef0e-22cd-469d-ba9f-7e9d975a7c12", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/rxerium.com/post/3moi6zikyzp2k", "content": "\ud83d\udea8 Critical improper access control vulnerability tagged CVE-2026-48907, affecting Joomla Content Editor is seeing active exploitation in the wild (reported by CISA)\n\nVulnerability detection script:\ngithub.com/rxerium/rxer...\n\nPatches and mitigations:\nwww.sentinelone.com/vulnerabilit...", "creation_timestamp": "2026-06-17T11:20:26.070487Z"}, {"uuid": "8f969ee7-97ac-4506-bd0a-165bb98c0ab2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/iberianm.bsky.social/post/3moibayxngn24", "content": "Joomla Widget Factory JCE: CISA lists CVE-2026-48907 (CVSS 10.0) as actively exploited. Patch immediately and review for PHP code execution attempts. #Cybersecurity #Vulnerability #ThreatIntel\n\nSource: https://thehackernews.com/2026/06/cisa-warns-of-actively-exploited-joomla.html", "creation_timestamp": "2026-06-17T12:00:57.090849Z"}, {"uuid": "3ba0b8f9-85a8-4f56-a4b4-975d1f729297", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/alphahunt.io/post/3moidu2x2tc2d", "content": "Forecast: expect more AI package-ecosystem targeting: account takeovers, poisoned postinstall hooks, helper-package compromises. KEV side-note: patch exposed Joomla/JCE CVE-2026-48907 now. Refs: Microsoft X, Mastra incident report, Endor Labs, CISA KEV.", "creation_timestamp": "2026-06-17T12:46:52.010098Z"}, {"uuid": "3613b729-9507-4279-9db8-71565aa35188", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/alphahunt.io/post/3moidu2xbo22d", "content": "Forecast: expect more AI package-ecosystem targeting: account takeovers, poisoned postinstall hooks, helper-package compromises. KEV side-note: patch exposed Joomla/JCE CVE-2026-48907 now. Refs: Microsoft X, Mastra incident report, Endor Labs, CISA KEV.", "creation_timestamp": "2026-06-17T12:46:53.143029Z"}, {"uuid": "5ba52d4b-5e13-4ef9-9e62-7557ec20380b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/alphahunt.io/post/3moidu2xcnc2d", "content": "Forecast: expect more AI package-ecosystem targeting: account takeovers, poisoned postinstall hooks, helper-package compromises. KEV side-note: patch exposed Joomla/JCE CVE-2026-48907 now. Refs: Microsoft X, Mastra incident report, Endor Labs, CISA KEV.", "creation_timestamp": "2026-06-17T12:46:54.235120Z"}, {"uuid": "74bc999d-01fe-436b-8e2a-67f85581ce21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/alphahunt.io/post/3moidu2xcnd2d", "content": "Forecast: expect more AI package-ecosystem targeting: account takeovers, poisoned postinstall hooks, helper-package compromises. KEV side-note: patch exposed Joomla/JCE CVE-2026-48907 now. Refs: Microsoft X, Mastra incident report, Endor Labs, CISA KEV.", "creation_timestamp": "2026-06-17T12:46:55.385274Z"}, {"uuid": "cf1b9f58-32bf-4598-8e50-791b2d56ec47", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/alphahunt.io/post/3moidu2xelt2d", "content": "Forecast: expect more AI package-ecosystem targeting: account takeovers, poisoned postinstall hooks, helper-package compromises. KEV side-note: patch exposed Joomla/JCE CVE-2026-48907 now. Refs: Microsoft X, Mastra incident report, Endor Labs, CISA KEV.", "creation_timestamp": "2026-06-17T12:46:56.483859Z"}, {"uuid": "f04bd0eb-6fd9-4a2a-b9e2-f17b247de07a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/thecybermind.co/post/3moiq64m53y2u", "content": "URGENT: CVE-2026-48907 is seeing active exploitation in Joomla! JCE extensions. This critical RCE flaw allows unauthenticated attackers to take full control. Read our executive remediation brief to harden your environment now.\nhttps://thecybermind.co/ic6z\n#CyberSecurity #Joomla #Infosec #KEV", "creation_timestamp": "2026-06-17T16:27:13.799834Z"}, {"uuid": "be64f704-adb9-46ff-9930-ca1f047f036a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3moir6ocvvy2n", "content": "CISA ordered federal agencies to patch CVE-2026-48907 by Friday. The max-severity JCE plugin flaw in Joomla can let attackers upload and run PHP code. Fix: JCE Pro 2.9.99.6. #Joomla #CISA #JCE", "creation_timestamp": "2026-06-17T16:45:26.381952Z"}, {"uuid": "9ee4d054-3a56-4d23-aa5d-e345acd12d6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/cesnet-certs.mastodonczech.cz.ap.brid.gy/post/3moiyu6gmju42", "content": "[[TLP:CLEAR] JCE opravuje kritickou aktivn\u011b zneu\u017e\u00edvanou zranitelnost]\n\nCISA za\u0159adila kritickou zranitelnost (CVE-2026-48907) v Joomla Content Editor (JCE) do katalogu aktivn\u011b zneu\u017e\u00edvan\u00fdch zranitelnost\u00ed \u2b07\ufe0f. Skript pro PoC naleznete na \u2b07\ufe0f.\n\nOdkaz na webovou verzi cel\u00e9ho reportu [\u2026]", "creation_timestamp": "2026-06-17T19:02:48.253975Z"}, {"uuid": "2c1c3b84-5807-403b-993d-c907dac79228", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/thecybermind.co/post/3moj6czenx42m", "content": "Alert: CVE-2026-48907. A severe access control flaw in Widget Factory Joomla Content Editor allows unauthenticated PHP script execution. Lock down your CMS. Read our tactical engineering runbook for full IOCs and endpoint hardening steps. https://thecybermind.co/unjv\n\n\ud83d\udee1\ufe0f #CyberSecurity #CVE\u2026", "creation_timestamp": "2026-06-17T20:40:30.487888Z"}, {"uuid": "c40c7860-bd69-4560-aa63-2cc7020a13dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mojaburz2e2b", "content": "1/ \u26a0\ufe0f Joomla JCE CVE-2026-48907 just hit CISA's KEV list with a PERFECT 10.0 score. No auth needed. Attackers upload PHP shells and own your server. Botnets already scanning. Update JCE to 2.9.99.5 right now.", "creation_timestamp": "2026-06-17T21:15:40.330176Z"}, {"uuid": "6fbc5272-84ea-436b-a560-df9a70b9ee03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mojabus7v42b", "content": "1/ \u26a0\ufe0f Joomla JCE CVE-2026-48907 just hit CISA's KEV list with a PERFECT 10.0 score. No auth needed. Attackers upload PHP shells and own your server. Botnets already scanning. Update JCE to 2.9.99.5 right now.", "creation_timestamp": "2026-06-17T21:15:40.875813Z"}, {"uuid": "4645e685-08f5-476b-a8c6-6ce314574a00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mojabusbtm2b", "content": "1/ \u26a0\ufe0f Joomla JCE CVE-2026-48907 just hit CISA's KEV list with a PERFECT 10.0 score. No auth needed. Attackers upload PHP shells and own your server. Botnets already scanning. Update JCE to 2.9.99.5 right now.", "creation_timestamp": "2026-06-17T21:15:41.409008Z"}, {"uuid": "784192cb-a639-476d-9fff-8c2e7b2a881b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mojabuscsu2b", "content": "1/ \u26a0\ufe0f Joomla JCE CVE-2026-48907 just hit CISA's KEV list with a PERFECT 10.0 score. No auth needed. Attackers upload PHP shells and own your server. Botnets already scanning. Update JCE to 2.9.99.5 right now.", "creation_timestamp": "2026-06-17T21:15:41.930656Z"}, {"uuid": "6d23e02a-e4ea-431e-98cf-6f186bd8d2c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mojabusds42b", "content": "1/ \u26a0\ufe0f Joomla JCE CVE-2026-48907 just hit CISA's KEV list with a PERFECT 10.0 score. No auth needed. Attackers upload PHP shells and own your server. Botnets already scanning. Update JCE to 2.9.99.5 right now.", "creation_timestamp": "2026-06-17T21:15:42.536635Z"}, {"uuid": "89f06e64-d2a7-41bc-8c7b-c10d30832f16", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mojabusere2b", "content": "1/ \u26a0\ufe0f Joomla JCE CVE-2026-48907 just hit CISA's KEV list with a PERFECT 10.0 score. No auth needed. Attackers upload PHP shells and own your server. Botnets already scanning. Update JCE to 2.9.99.5 right now.", "creation_timestamp": "2026-06-17T21:15:43.068487Z"}, {"uuid": "30c26aa0-4255-466d-8351-829433c61aa0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mojabushp42b", "content": "1/ \u26a0\ufe0f Joomla JCE CVE-2026-48907 just hit CISA's KEV list with a PERFECT 10.0 score. No auth needed. Attackers upload PHP shells and own your server. Botnets already scanning. Update JCE to 2.9.99.5 right now.", "creation_timestamp": "2026-06-17T21:15:43.602390Z"}, {"uuid": "e99e17f3-bca3-4fb2-be8f-275d5eb5634b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mojabushp52b", "content": "1/ \u26a0\ufe0f Joomla JCE CVE-2026-48907 just hit CISA's KEV list with a PERFECT 10.0 score. No auth needed. Attackers upload PHP shells and own your server. Botnets already scanning. Update JCE to 2.9.99.5 right now.", "creation_timestamp": "2026-06-17T21:15:44.144872Z"}, {"uuid": "752f28e4-f4fc-4168-9f51-59a09ec51ad6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mojabusiof2b", "content": "1/ \u26a0\ufe0f Joomla JCE CVE-2026-48907 just hit CISA's KEV list with a PERFECT 10.0 score. No auth needed. Attackers upload PHP shells and own your server. Botnets already scanning. Update JCE to 2.9.99.5 right now.", "creation_timestamp": "2026-06-17T21:15:44.770224Z"}, {"uuid": "a622d88a-9c00-470c-b6f9-fc16e8fbbde5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mokzz3gfzf2b", "content": "5/ \u26a0\ufe0f Joomla CVE-2026-48907 CVSS 10.0 \u2014 CISA just added it to the Known Exploited Vulnerabilities list. Unauthenticated PHP code execution. If you run Joomla, patch it now. Today. Not this week. TODAY.", "creation_timestamp": "2026-06-18T14:28:42.655264Z"}, {"uuid": "75895b36-3960-4e4f-a93d-b8e1a46b2afb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mokzz3gmu52b", "content": "5/ \u26a0\ufe0f Joomla CVE-2026-48907 CVSS 10.0 \u2014 CISA just added it to the Known Exploited Vulnerabilities list. Unauthenticated PHP code execution. If you run Joomla, patch it now. Today. Not this week. TODAY.", "creation_timestamp": "2026-06-18T14:28:43.693974Z"}, {"uuid": "f5c896a2-f446-4dd7-b8dc-a4bbd1513df9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mokzz3gntf2b", "content": "5/ \u26a0\ufe0f Joomla CVE-2026-48907 CVSS 10.0 \u2014 CISA just added it to the Known Exploited Vulnerabilities list. Unauthenticated PHP code execution. If you run Joomla, patch it now. Today. Not this week. TODAY.", "creation_timestamp": "2026-06-18T14:28:44.846917Z"}, {"uuid": "d0ea7159-2b11-4312-82d6-cc2bb993c540", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mokzz3gosn2b", "content": "5/ \u26a0\ufe0f Joomla CVE-2026-48907 CVSS 10.0 \u2014 CISA just added it to the Known Exploited Vulnerabilities list. Unauthenticated PHP code execution. If you run Joomla, patch it now. Today. Not this week. TODAY.", "creation_timestamp": "2026-06-18T14:28:45.909498Z"}, {"uuid": "48dbcdf9-5a54-477e-a825-fdd93db4bd4d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mokzz3gprv2b", "content": "5/ \u26a0\ufe0f Joomla CVE-2026-48907 CVSS 10.0 \u2014 CISA just added it to the Known Exploited Vulnerabilities list. Unauthenticated PHP code execution. If you run Joomla, patch it now. Today. Not this week. TODAY.", "creation_timestamp": "2026-06-18T14:28:47.172205Z"}, {"uuid": "ea2b1c3d-40c0-4632-9eb3-fed45d1c05ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mokzz3gqr52b", "content": "5/ \u26a0\ufe0f Joomla CVE-2026-48907 CVSS 10.0 \u2014 CISA just added it to the Known Exploited Vulnerabilities list. Unauthenticated PHP code execution. If you run Joomla, patch it now. Today. Not this week. TODAY.", "creation_timestamp": "2026-06-18T14:28:48.237933Z"}, {"uuid": "7f3c6c20-4879-4dff-af8d-5a6f67d6a1d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mokzz3gqr62b", "content": "5/ \u26a0\ufe0f Joomla CVE-2026-48907 CVSS 10.0 \u2014 CISA just added it to the Known Exploited Vulnerabilities list. Unauthenticated PHP code execution. If you run Joomla, patch it now. Today. Not this week. TODAY.", "creation_timestamp": "2026-06-18T14:28:49.403795Z"}, {"uuid": "77f44c1c-cce5-4019-b7d8-ba29a5be04bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mokzz3gspo2b", "content": "5/ \u26a0\ufe0f Joomla CVE-2026-48907 CVSS 10.0 \u2014 CISA just added it to the Known Exploited Vulnerabilities list. Unauthenticated PHP code execution. If you run Joomla, patch it now. Today. Not this week. TODAY.", "creation_timestamp": "2026-06-18T14:28:50.484915Z"}, {"uuid": "22ba0403-e53a-42df-a1ba-97c7d5ddecd7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mokzz3gtow2b", "content": "5/ \u26a0\ufe0f Joomla CVE-2026-48907 CVSS 10.0 \u2014 CISA just added it to the Known Exploited Vulnerabilities list. Unauthenticated PHP code execution. If you run Joomla, patch it now. Today. Not this week. TODAY.", "creation_timestamp": "2026-06-18T14:28:51.492949Z"}, {"uuid": "f96ec00e-7860-40df-96a3-20995ed8c555", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/alphahunt.io/post/3molb7tr7k22e", "content": "KEV pressure sharpened too: Joomla/JCE CVE-2026-48907 remains patch-and-hunt now, with EPSS up to 93rd percentile. Check Point CVE-2026-50751 is worse: CISA lists known ransomware use and EPSS is ~98th percentile.", "creation_timestamp": "2026-06-18T16:37:46.708222Z"}, {"uuid": "9d79b05c-8279-42ef-8341-248bc685b1e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/alphahunt.io/post/3molb7tqxq22e", "content": "KEV pressure sharpened too: Joomla/JCE CVE-2026-48907 remains patch-and-hunt now, with EPSS up to 93rd percentile. Check Point CVE-2026-50751 is worse: CISA lists known ransomware use and EPSS is ~98th percentile.", "creation_timestamp": "2026-06-18T16:37:45.254937Z"}, {"uuid": "b8c3e5f1-4c48-4426-9179-29c1499c621e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/alphahunt.io/post/3molb7tr6ks2e", "content": "KEV pressure sharpened too: Joomla/JCE CVE-2026-48907 remains patch-and-hunt now, with EPSS up to 93rd percentile. Check Point CVE-2026-50751 is worse: CISA lists known ransomware use and EPSS is ~98th percentile.", "creation_timestamp": "2026-06-18T16:37:46.032053Z"}, {"uuid": "f1a6c097-2754-45fa-9ebc-e84e782dbb49", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/alphahunt.io/post/3molb7trbil2e", "content": "KEV pressure sharpened too: Joomla/JCE CVE-2026-48907 remains patch-and-hunt now, with EPSS up to 93rd percentile. Check Point CVE-2026-50751 is worse: CISA lists known ransomware use and EPSS is ~98th percentile.", "creation_timestamp": "2026-06-18T16:37:48.703466Z"}, {"uuid": "1da7445f-5308-4a63-a423-f680e87c7ed7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/alphahunt.io/post/3molb7trajc2e", "content": "KEV pressure sharpened too: Joomla/JCE CVE-2026-48907 remains patch-and-hunt now, with EPSS up to 93rd percentile. Check Point CVE-2026-50751 is worse: CISA lists known ransomware use and EPSS is ~98th percentile.", "creation_timestamp": "2026-06-18T16:37:47.411164Z"}, {"uuid": "fc67b73f-f91f-4a0c-be6b-489e81f0085b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/alphahunt.io/post/3molb7trajd2e", "content": "KEV pressure sharpened too: Joomla/JCE CVE-2026-48907 remains patch-and-hunt now, with EPSS up to 93rd percentile. Check Point CVE-2026-50751 is worse: CISA lists known ransomware use and EPSS is ~98th percentile.", "creation_timestamp": "2026-06-18T16:37:48.074860Z"}, {"uuid": "75902e0e-de22-4cca-83c4-9797e4d11e9a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/alphahunt.io/post/3molb7trbim2e", "content": "KEV pressure sharpened too: Joomla/JCE CVE-2026-48907 remains patch-and-hunt now, with EPSS up to 93rd percentile. Check Point CVE-2026-50751 is worse: CISA lists known ransomware use and EPSS is ~98th percentile.", "creation_timestamp": "2026-06-18T16:37:49.492840Z"}, {"uuid": "ac763424-1a5a-4ef6-87ee-7de539f441f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "Telegram/WWWHczf5cNnqk0Vv0lWj7tyigbd43npSKH3-Z1auyWOYzQ", "content": "", "creation_timestamp": "2026-06-17T07:07:14.000000Z"}, {"uuid": "d6ccdbc4-5fa9-43a3-8648-94439dc78833", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "published-proof-of-concept", "source": "Telegram/Twzxtbvyqic9grgE7JaZrbs3i9BOrZG8PBBvMyWgrTB7Ya8", "content": "", "creation_timestamp": "2026-06-09T19:00:13.000000Z"}, {"uuid": "15d7ad7f-d022-4b09-a704-9a283c601423", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "published-proof-of-concept", "source": "Telegram/avQcqITCN0CdPqbu_zPd1c2U29MoQRx_NSjCudrYTZic4II", "content": "", "creation_timestamp": "2026-06-09T23:00:05.000000Z"}, {"uuid": "32ef3d2a-c5e1-4364-bfa1-9714b397e3bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "published-proof-of-concept", "source": "Telegram/fCG7WKzSZ3J5MxWk4q33cwgoeWrsZeYEI50sN5k5RlUMOc4", "content": "", "creation_timestamp": "2026-06-11T23:00:06.000000Z"}, {"uuid": "753f7a0e-9a11-4704-894f-748a4ae5d695", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "published-proof-of-concept", "source": "Telegram/YXCyRYfB5puG4zVuSsqFt0CqpucG34vnwOdsG1DKfw8sOUE", "content": "", "creation_timestamp": "2026-06-12T11:00:12.000000Z"}, {"uuid": "3e7ca6fb-f623-4e30-9f5a-abe3bdb2204e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "published-proof-of-concept", "source": "Telegram/dt0AF8_y_UrMLbm3nbIzl56WQ7K0nt860xLQHDp_bOOwKbw", "content": "", "creation_timestamp": "2026-06-13T15:00:16.000000Z"}, {"uuid": "15130c9e-0108-46d4-8a10-7d12bfb2c4ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "published-proof-of-concept", "source": "Telegram/ycLXaxSGB-_ldONYQWC7S6J3lanIcH0nsjxJAaBzeM5ug0Y", "content": "", "creation_timestamp": "2026-06-12T15:00:07.000000Z"}, {"uuid": "d2529373-f022-451c-aab8-d0416873f3fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "published-proof-of-concept", "source": "Telegram/qE6f29_aVOJA4ORgQTQStDqLz7TqoxzfPbinGVmKV8o4EU8", "content": "", "creation_timestamp": "2026-06-11T15:00:13.000000Z"}, {"uuid": "89fd45b6-5d55-400c-b984-fc063be6e674", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/54492054-44e9-4990-9354-de0b7df1fce0", "content": "", "creation_timestamp": "2026-06-19T12:45:05.539982Z"}, {"uuid": "be2119a7-8a9f-469d-9801-bb5f7451eb53", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3monw2r2oet2r", "content": "CVE-2026-48907 and LiteSpeed cPanel Plugin Flaws Come Under Active Attack", "creation_timestamp": "2026-06-19T17:56:01.597794Z"}, {"uuid": "b5a2bdbe-1901-407f-860d-62855ee27588", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/shortinfo.bsky.social/post/3mooobp7it32m", "content": "Any website running the Joomla Content Editor extension can be taken over right now. CISA added CVE-2026-48907, a maximum-severity flaw scoring 10.0, to its known-exploited list. Unauthenticated attackers create editor profiles, then upload and run PHP code. Public exploit. Fix: JCE 2.9.99.5.", "creation_timestamp": "2026-06-20T01:09:24.591270Z"}, {"uuid": "c402fe20-33f0-45a8-8307-aa900b94cb7e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/trinacriatech.bsky.social/post/3mota7ywdm226", "content": "CVE-2026-48907 (CVSS 10.0) \u2014 Joomla JCE plugin: upload rogue editor profile \u2192 PHP web shell. Exploitation automatizzata ITW. CISA KEV, deadline FCEB: oggi. Patch: JCE 2.9.99.5. #Joomla #CISAKEV", "creation_timestamp": "2026-06-21T20:41:14.299105Z"}, {"uuid": "98b89684-f7f7-4e4f-954f-5305c5d7d716", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3mou7kezi552n", "content": "\ud83d\udea8  ALERT: CVE-2026-48907\n\nCVSS 9.8/10\n\n\ud83d\udccb WHAT IT IS:\nA vulnerability in the JCE editor extension for Joomla allows the creation of new editor profiles for unauthenticated users, ultimately resulting in PHP code upload and execution.\n\n\ud83c\udfaf WHO'S AFFECTED:\n  \u2022 Jce\n\n\u2694\ufe0f HOW IT'S EXPLOITED:\nAttack vector: N", "creation_timestamp": "2026-06-22T06:01:49.001066Z"}, {"uuid": "9674ba59-37d6-4486-96f5-bf5185975b68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/yazoul-alerts.bsky.social/post/3mouwfnax522r", "content": "\ud83d\udea8 CISA just added another Joomla bug to its active exploits list. That's three this year.\n\nCVE-2026-48907.\n\nhttps://www.yazoul.net/malware/mirai-2026-06/reports/2026-06-21/\n\n#InfoSec #DataBreach", "creation_timestamp": "2026-06-22T12:50:45.103170Z"}, {"uuid": "8c0368a3-e38e-45b5-a2eb-d1773ad895aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/yazoul-alerts.bsky.social/post/3mox7eshbps2k", "content": "\u26a0\ufe0f CISA just added another Joomla bug to its exploited list. How many are still unpatched in your environment?\n\nCVE-2026-48907.\n\nhttps://www.yazoul.net/malware/mirai-2026-06/reports/2026-06-21/\n\n#CyberSecurity #Security", "creation_timestamp": "2026-06-23T10:36:39.988959Z"}, {"uuid": "604041ed-cc6a-4bca-8035-af1ca5dd5660", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-48907", "type": "seen", "source": "https://infosec.exchange/users/shadowserver/statuses/116799252848428119", "content": "Last week we added scanning for Joomla JCE editor extension CVE-2026-48907 vulnerable instances. This RCE vulnerability is exploited in the wild & on US CISA KEV.  4840 vulnerable instances seen 2026-06-22 down from 5146 on 2026-06-19. Top affected: US\nhttps://dashboard.shadowserver.org/statistics/combined/map/?date_range=1&map_type=std&source=http_vulnerable&source=http_vulnerable6&tag=cve-2026-48907%2B&data_set=count&scale=log&auto_update=on\nRaw IP data shared in our Vulnerable HTTP reporting https://www.shadowserver.org/what-we-do/network-reporting/vulnerable-http-report/ tagged 'cve-2026-48907' filtered by network/constituency\nDashboard Tree Map view: https://dashboard.shadowserver.org/statistics/combined/tree/?date_range=1&source=http_vulnerable&source=http_vulnerable6&tag=cve-2026-48907%2B&data_set=count&scale=log&auto_update=on\nPatch info: https://www.joomlacontenteditor.net/news/jce-security-update-and-a-free-patch-for-older-sites", "creation_timestamp": "2026-06-23T11:46:03.212247Z"}, {"uuid": "695f232c-6924-48f9-818b-3b5254e44962", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/shadowserver.bsky.social/post/3moxddmglwk2b", "content": "Last week we added scanning for Joomla JCE editor extension CVE-2026-48907 vulnerable instances. This RCE vulnerability is exploited in the wild & on US CISA KEV.  4840 vulnerable instances seen 2026-06-22 down from 5146 on 2026-06-19. Top affected: US\n\ndashboard.shadowserver.org/statistics/c...", "creation_timestamp": "2026-06-23T11:47:42.936658Z"}, {"uuid": "c30790da-9169-4eab-80c7-72e3bfe156e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/shadowserver.bsky.social/post/3moxddqwy2c2b", "content": "Last week we added scanning for Joomla JCE editor extension CVE-2026-48907 vulnerable instances. This RCE vulnerability is exploited in the wild & on US CISA KEV.  4840 vulnerable instances seen 2026-06-22 down from 5146 on 2026-06-19. Top affected: US\n\ndashboard.shadowserver.org/statistics/c...", "creation_timestamp": "2026-06-23T11:47:43.750103Z"}, {"uuid": "fd24c918-a3bf-4508-85fd-23fed150c9a9", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/0f2302f3-00e7-4d90-86fc-886701fba25b", "content": "", "creation_timestamp": "2026-06-23T14:02:57.116293Z"}, {"uuid": "708f5606-d759-4e23-bc63-1735743d3003", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/yazoul-alerts.bsky.social/post/3moxxxkctdg2v", "content": "Third critical CVE added to CISA's KEV list this month. Same pattern every time.\n\nCVE-2026-48907.\n\nhttps://www.yazoul.net/news/article/cisa-warns-of-actively-exploited-joomla-jce-flaw-allowing-php-code-execution/\n\n#CVE #CyberSecurity", "creation_timestamp": "2026-06-23T17:56:38.852227Z"}]}