{"vulnerability": "cve-2026-48907", "sightings": [{"uuid": "4ffc6e37-b1ef-4097-95f9-254c07c47c10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-48907", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116696680833602850", "content": "\ud83d\udea8 CRITICAL: Joomla Content Editor (JCE) vuln (CVE-2026-48907) allows unauthenticated PHP upload & exec (v1.0.0 \u2013 2.9.99.4). No patch yet \u2014 restrict or disable JCE & monitor systems. Details: https://radar.offseq.com/threat/cve-2026-48907-cwe-284-improper-access-control-in--ff15bdc3 #OffSeq #Joomla #Vuln #InfoSec", "creation_timestamp": "2026-06-05T09:00:38.352983Z"}, {"uuid": "d9f7b01a-0eb7-43c8-8ec7-9174455b385e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-48907", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mnjrmkgh2423", "content": "Joomla Content Editor (JCE) CRITICAL vuln lets unauth users upload & run PHP (v1.0.0 \u2013 2.9.99.4). No patch yet \u2014 restrict or disable JCE + monitor activity. Stay updated: https://radar.offseq.com/threat/cve-2026-48907-cwe-284-improper-access-control-in--ff15bdc3 #OffSeq #Joomla #SecurityAlert", "creation_timestamp": "2026-06-05T09:00:39.902780Z"}, {"uuid": "75ff94c7-b57c-4db5-a91b-b18ffc562869", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-48907", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mnjrmkgh2423", "content": "Joomla Content Editor (JCE) CRITICAL vuln lets unauth users upload & run PHP (v1.0.0 \u2013 2.9.99.4). No patch yet \u2014 restrict or disable JCE + monitor activity. Stay updated: https://radar.offseq.com/threat/cve-2026-48907-cwe-284-improper-access-control-in--ff15bdc3 #OffSeq #Joomla #SecurityAlert", "creation_timestamp": "2026-06-05T09:00:39.901516Z"}, {"uuid": "7c774fdc-95db-4f83-be5e-6402029a2adb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mnjqzbo4aw2q", "content": "CVE-2026-48907 - Joomla Extension - joomlacontenteditor.net - Remote Code Execution in JCE extension for Joomla\nCVE ID : CVE-2026-48907\n \n Published : June 5, 2026, 8:16 a.m. | 16\u00a0minutes ago\n \n Description : A vulnerability in the JCE editor extension for Joomla allows the cr...", "creation_timestamp": "2026-06-05T08:49:52.768446Z"}, {"uuid": "2c752e5e-0b1c-4309-9f6a-27402122a5cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48907", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mnjqzbo4aw2q", "content": "CVE-2026-48907 - Joomla Extension - joomlacontenteditor.net - Remote Code Execution in JCE extension for Joomla\nCVE ID : CVE-2026-48907\n \n Published : June 5, 2026, 8:16 a.m. | 16\u00a0minutes ago\n \n Description : A vulnerability in the JCE editor extension for Joomla allows the cr...", "creation_timestamp": "2026-06-05T08:49:52.767565Z"}]}