Post
CRITICAL

Actively Exploited Magento RCE CVE-2026-45247 Added to CISA KEV

· rce · cve · vulnerability · appsec

CISA added CVE-2026-45247 to its Known Exploited Vulnerabilities (KEV) catalog following confirmed in-the-wild exploitation. The flaw is a deserialization vulnerability in the Mirasvit Cache Warmer Magento extension (CVSS 9.8), enabling unauthenticated remote code execution. Any Magento/Adobe Commerce deployment running the Cache Warmer extension is directly at risk. Operators should patch immediately, review server logs for signs of pre-patch compromise (unexpected PHP processes, new admin accounts, web shells), and audit other installed extensions for similar deserialization patterns. Federal agencies under BOD 22-01 must remediate within the KEV-mandated deadline.