HIGHVulnerability
Verified
Global
CISA KEV: Mirasvit Mirasvit Full Page Cache Warmer — Mirasvit Full Page Cache Warmer Deserialization of Untrusted Data Vulnerability
·Source: CISA KEV
Updated:
Executive Summary
Mirasvit Full Page Cache Warmer contains a deserialization of untrusted data vulnerability that could allow unauthenticated attackers to achieve remote code execution by supplying a crafted serialized PHP object in the CacheWarmer cookie.
Analysis
Mirasvit Full Page Cache Warmer contains a deserialization of untrusted data vulnerability that could allow unauthenticated attackers to achieve remote code execution by supplying a crafted serialized PHP object in the CacheWarmer cookie. Added to CISA Known Exploited Vulnerabilities catalog on 2026-06-03. Remediation due: 2026-06-06.