Magento Security Alert: CISA's KEV Catalog Adds Critical Flaw CVE-2026-45247 (2026)

CISA has added a critical vulnerability, CVE-2026-45247, to its Known Exploited Vulnerabilities (KEV) catalog. The flaw affects Mirasvit Cache Warmer, a popular Magento full-page cache extension, and has been actively exploited in the wild.

The issue lies in the deserialization of untrusted data. An unauthenticated attacker can supply a crafted serialized PHP object in the CacheWarmer cookie and achieve remote code execution, running arbitrary PHP code on the affected server. The vulnerability impacts all versions of the extension prior to version 1.11.12, and patches were released on May 25, 2026.

The KEV listing is a wake-up call for organizations to take immediate action: the threat is real, the consequences can be devastating, and no system is immune to attack. The threat landscape is constantly evolving, and strong cybersecurity measures are more important than ever.

The vulnerability has been actively exploited, with attackers targeting gaming and business sites in the U.S., the U.K., France, and Australia. The end goal appears to be to flag vulnerable Magento environments and confirm that remote code execution is possible. Federal Civilian Executive Branch (FCEB) agencies have been ordered to apply the fixes by June 6, 2026.

To detect potential exploitation efforts, site owners are advised to audit for storefront requests that carry a CacheWarmer cookie whose value contains the marker 'CacheWarmer:' followed by a Base64-encoded string. This is a strong indicator of an exploitation attempt.
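The cookie audit described above can be run over web server access logs. The following is an added example, not code from the article or from Mirasvit; it assumes a log format that records the Cookie header as the last quoted field (this has to be configured, it is not in the common default formats), and the sample lines and payloads are constructed and inert.

```python
import base64
import re
from urllib.parse import quote, unquote

# Marker from the article: 'CacheWarmer:' followed by a Base64-encoded string.
MARKER_RE = re.compile(r"CacheWarmer:([A-Za-z0-9+/]{8,}={0,2})")
# Assumption: the access log records the Cookie header as the last quoted field.
COOKIE_FIELD_RE = re.compile(r'"([^"]*)"\s*$')
# PHP serialize() output for an object begins with O:<len>:"<class>".
PHP_OBJECT_RE = re.compile(rb'^O:\d+:"')


def inspect_line(line):
    """Return a finding dict if the CacheWarmer cookie carries the marker, else None."""
    field = COOKIE_FIELD_RE.search(line)
    if not field:
        return None
    for part in field.group(1).split(";"):
        name, _, value = part.strip().partition("=")
        match = MARKER_RE.search(unquote(value)) if name == "CacheWarmer" else None
        if match:
            try:
                decoded = base64.b64decode(match.group(1), validate=True)
            except ValueError:  # binascii.Error is a ValueError subclass
                decoded = b""  # marker present, but the payload is not clean Base64
            return {"client": line.split(" ", 1)[0], "valid_base64": bool(decoded),
                    "php_object": bool(PHP_OBJECT_RE.match(decoded))}
    return None


def scan(lines):
    """Collect findings for every log line that matches the indicator."""
    return [hit for hit in map(inspect_line, lines) if hit]


def _sample(ip, payload):
    cookie = "CacheWarmer=" + quote("CacheWarmer:" + base64.b64encode(payload).decode(), safe="")
    return f'{ip} - - [01/Jun/2026:10:00:00 +0000] "GET / HTTP/1.1" 200 512 "PHPSESSID=x; {cookie}"'


# Constructed sample input: documentation-range IPs, inert payloads, URL-encoded cookies.
SAMPLE_LOG = [
    _sample("203.0.113.7", b'O:8:"stdClass":0:{}'),
    _sample("198.51.100.9", b"plain text, not an object"),
    '192.0.2.44 - - [01/Jun/2026:10:00:05 +0000] "GET / HTTP/1.1" 200 512 "CacheWarmer=warm-1"',
]

if __name__ == "__main__":
    print(scan(SAMPLE_LOG))
```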
The Mirasvit Cache Warmer vulnerability is a stark reminder of the importance of staying ahead of the curve in the world of cybersecurity. It is a call to action for organizations to take the necessary steps to protect their systems and data from potential threats. The cybersecurity community must remain vigilant and proactive in the face of such threats, and the KEV catalog is a valuable resource in the fight against cybercrime.

Author: Aron Pacocha
