HIGHVulnerability
Verified
Global

CISA KEV: Mirasvit Mirasvit Full Page Cache Warmer — Mirasvit Full Page Cache Warmer Deserialization of Untrusted Data Vulnerability

·Source: CISA KEV

Updated:

Executive Summary

Mirasvit Full Page Cache Warmer contains a deserialization of untrusted data vulnerability that could allow unauthenticated attackers to achieve remote code execution by supplying a crafted serialized PHP object in the CacheWarmer cookie.

Analysis

Mirasvit Full Page Cache Warmer contains a deserialization of untrusted data vulnerability that could allow unauthenticated attackers to achieve remote code execution by supplying a crafted serialized PHP object in the CacheWarmer cookie. Added to CISA Known Exploited Vulnerabilities catalog on 2026-06-03. Remediation due: 2026-06-06.

Indicators of Compromise (1)

CVE (1)
CVE-2026-45247
Source Attribution

Originally published by CISA KEV on Jun 3, 2026. Verified by: CISA.

Related Threats