CISA Warns of Actively Exploited Magento Plugin Flaw Enabling Remote Code Execution

Urgent patch needed for Mirasvit vulnerability in Magento 2. CVE-2026-45247 allows remote code execution, posing a high risk to stores.

By Content Team

Jun 6, 2026

ON THIS PAGE

Share

---

ON THIS PAGE

Want more insights like this?

Subscribe to our newsletter to get the latest software protection strategies delivered to your inbox.

By submitting your email, you consent to Codekeeper contacting you and agree to our privacy policy.

CISA is urging federal agencies to patch a critical vulnerability in the Mirasvit Full Page Cache Warmer extension for Magento 2 within three days. The flaw, CVE-2026-45247, carries a near-perfect CVSS score of 9.8 and requires no authentication to exploit.

Attackers inject malicious PHP objects through the CacheWarmer cookie, which escalates to full remote code execution on Magento and Adobe Commerce servers. Imperva reports active exploitation began shortly after public disclosure on May 26. Thousands of stores are at risk — any running a version before 1.11.12 should update immediately.

Source: SecurityWeek

Share this article

Have questions about protecting your software?

Our escrow experts are standing by to help.

Book a free demo

YOU MAY ALSO LIKE

Microsoft Exchange Zero-Day Under Attack, No Patch Available

May 19, 2026

North Korea's Lazarus Group Is Now Targeting Mac Users With a Sneaky New Trick

Apr 25, 2026

Asian Cyberspy Group Infiltrates Government Systems Across 37 Countries

Feb 9, 2026

Fresh Wave of Mini Shai-Hulud Malware Targets Developer Supply Chain

May 13, 2026