{"uuid": "1d8ad0b8-b771-458b-a7cc-01925c27410e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "published-proof-of-concept", "source": "https://t.me/cKure/16518", "content": "\u25a0\u25a0\u25a0\u25a1\u25a1 CVE-2026-48907 \u2014 JoomlaSniper v1.0 released.\n\nUnauthenticated RCE in Joomla JCE Editor (\u22642.9.99.4)\nCVSS 10.0 \u2022 Affects ALL production versions.\n\nFile upload \u2192 PHP execution in /tmp/ \u2014 no auth required.\n\nhttps://github.com/ynsmroztas/JoomlaSniper", "creation_timestamp": "2026-07-12T14:00:07.487078Z"}