Cybersecurity · June 4, 2026 · via Security Affairs

US CISA Adds Mirasvit Full Page Cache Warmer Vulnerability to Known Exploitable List


The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a vulnerability in Mirasvit's Full Page Cache Warmer to its Known Exploited Vulnerabilities (KEV) catalog. The vulnerability, tracked as CVE-2026-45247, is scored under CVSS version 4.0 at a high severity level of 9.3.

The vulnerability is an injection of attacker-supplied data through the Universal CacheWarmer cookie, which is processed by an unsafe PHP unserialize() call. Attackers can then execute malicious code and gain complete control over affected systems. The issue is particularly severe for Magento 2 users because it lets attackers use a gadget chain present in Magento and its dependencies.

Experts identified the vulnerability in Mirasvit's Cache Warmer, a popular plugin for full page caching in Magento. The report explains that a single crafted cookie sent to any storefront page can lead to remote code execution.

Researchers estimate that around 100 Magento stores will be affected by this vulnerability. CISA has stated that exploitation attempts can be detected by searching for a suspicious CacheWarmer value containing base64-encoded serialized objects, which leaves a clear request signature.
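
The detection hint above, as an added example (not code from CISA, Mirasvit or Security Affairs): a Python check that flags a `CacheWarmer` cookie whose value, raw or base64-decoded, contains a serialized PHP object. The cookie name is taken from the article; the `cookie="..."` log field and the sample lines are assumptions constructed for illustration.

```python
import base64
import binascii
import re
from urllib.parse import quote, unquote

COOKIE_NAME = "CacheWarmer"  # assumption: cookie name as the article gives it
# PHP serialize() object markers, top-level or nested: O:<len>:"Class":<n>:{ and C:...
PHP_OBJECT = re.compile(rb'(?:^|[;{])[OC]:\d+:"[A-Za-z_\\][\w\\]*":\d+:\{')
COOKIE_FIELD = re.compile(r'cookie="([^"]*)"')  # assumption: log records the Cookie header

def cookie_value(header, name=COOKIE_NAME):
    """Return the raw value of `name` from a Cookie header, or None."""
    for part in header.split(";"):
        key, _, value = part.strip().partition("=")
        if key == name:
            return value
    return None

def decode_candidates(raw):
    """Yield the URL-decoded value and, when it parses, its base64 decoding."""
    text = unquote(raw)
    yield text.encode("utf-8", "replace")
    b64 = text.replace("-", "+").replace("_", "/")  # accept URL-safe alphabet
    b64 += "=" * (-len(b64) % 4)                    # restore stripped padding
    try:
        yield base64.b64decode(b64, validate=True)
    except (binascii.Error, ValueError):
        return

def is_suspicious(header):
    """True when the CacheWarmer cookie carries a serialized PHP object."""
    raw = cookie_value(header)
    return raw is not None and any(
        PHP_OBJECT.search(blob) for blob in decode_candidates(raw))

def scan(lines):
    """Return the log lines whose Cookie header trips the check."""
    return [ln for ln in lines
            if (m := COOKIE_FIELD.search(ln)) and is_suspicious(m.group(1))]

def sample_line(ip, value):  # constructed log line in the assumed format
    return f'{ip} "GET / HTTP/1.1" 200 cookie="PHPSESSID=x; {COOKIE_NAME}={value}"'

def enc(data):
    return base64.b64encode(data).decode()

# Constructed samples: harmless stdClass payloads, documentation-range IPs.
SAMPLE = [
    sample_line("203.0.113.5", enc(b'a:1:{s:2:"id";i:5;}')),                 # array only
    sample_line("203.0.113.7", enc(b'O:8:"stdClass":1:{s:1:"a";s:1:"b";}')), # object
    sample_line("203.0.113.9", quote(enc(b'a:1:{i:0;O:8:"stdClass":0:{}}').rstrip("="))),
    '203.0.113.11 "GET / HTTP/1.1" 200 cookie="PHPSESSID=x"',                # cookie absent
]
```

`scan(SAMPLE)` returns the second and third lines; the third shows that URL-encoding and stripped base64 padding do not hide a nested object.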


Source: Security Affairs
