{"uuid": "703c1647-25f0-4ec2-8c96-0a0822a5fc63", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-48909", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116785861349829350", "content": "JoomShaper SP LMS for Joomla (v1.0.0 \u2013 4.1.3) hit by CRITICAL vuln (CVE-2026-48909): unsafe cookie deserialization enables unauth RCE. No patch yet \u2014 restrict access & monitor traffic. Details: https://radar.offseq.com/threat/cve-2026-48909-cwe-502-deserialization-of-untruste-b0460f6997894c12 #OffSeq #Joomla #CVE #infosec", "creation_timestamp": "2026-06-21T03:00:34.705588Z"}