CISA adds actively exploited Adobe Commerce and Magento remote-code-execution flaw CVE-2026-45247 to KEV catalog

CISA says attackers are exploiting a serious Adobe Commerce and Magento flaw that can let them take over vulnerable online store servers. The issue, CVE-2026-45247, is a remote-code-execution vulnerability, meaning an attacker can run their own commands on the target system from afar; CISA added it to the Known Exploited Vulnerabilities catalog, which federal agencies use to prioritize urgent fixes. Affected product and version details would follow Adobe’s advisory, and internet-exposed commerce systems are the most immediate concern.
Why it matters: Organizations running Adobe Commerce or Magento should treat this as urgent because CISA only adds bugs to KEV when there is evidence of real-world exploitation. For online stores, the risk can include site takeover, payment-data exposure, and malware implantation, so defenders should identify affected instances and patch or mitigate immediately.

Sources

Mirasvit Vulnerability Exploited to Execute Code on Magento Servers
Ionut Arghire, 2026.06.04 (97% relevant)
This article is the same underlying event: active exploitation of CVE-2026-45247 and CISA adding it to KEV. It adds product-specific detail that the flaw is in the Mirasvit Full Page Cache Warmer extension, affects versions before 1.11.12, uses unsafe PHP object deserialization via the CacheWarmer cookie, and includes compromise indicators from Sansec.

CISA Adds Exploited Magento RCE Flaw CVE-2026-45247 to KEV Catalog
The Hacker News (info@thehackernews.com), 2026.06.04 (100% relevant)
This article appears to establish a new tracked event: CISA's KEV addition for CVE-2026-45247 in Adobe Commerce/Magento, and no existing story in the tracker covers this specific CVE or KEV action.