--:--:--UTC

Searching APEX

Starting…

  1. Searching Threats, IOCs & Threat Intelligence locally
  2. Querying external providers
  3. Asking AI Forensic Validator
  4. Creating new entry from validated hit

0s elapsed

CVE-2026-48907

📛 CVE Title

Joomla Extension - joomlacontenteditor.net - Remote Code Execution in JCE extension for Joomla < 2.9.99.5

⬇ Download JSON ⚠ View as Threat

Description

A vulnerability in the JCE editor extension for Joomla allows the creation of new editor profiles for unauthenticated users, ultimately resulting in PHP code upload and execution.

Overview

State
PUBLISHED
Assigner (CNA)
Joomla
CVSS severity
CRITICAL
CVSS score
CVSS 10.0 / 10 10.0 10.0 / 10
CVSS vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:A/AU:Y/U:Red
Effective score
10.0 / 10 CRITICAL source: CNA overview
CWE(s)
CWE-284
Reserved
2026-05-26
Published
2026-06-05 07:31 UTC
Last updated
2026-06-05 07:31 UTC
Source
https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2026/48xxx/CVE-2026-48907.json
Linked Threat
CVE-2026-48907 — Joomla Extension - joomlacontenteditor.net - Remote Code Execution in JCE extension for Joomla < 2.9.99.5

Affected products (1)
VendorProductVersionsPlatforms
joomlacontenteditor.net Joomla Content Editor (JCE) extension for Joomla 1.0.0-2.9.99.4 (affected)

Remediations (0)

Remediations are stored against the linked Threat row; the list below is deduplicated across both pages.

No remediations stored yet — an automatic web search has been queued to a collection agent. Please wait while we search for remediations… this page reloads automatically when results arrive.

Vendor references (1)

References embedded in the original CVE record by the assigning CNA.

Web references (0)

DuckDuckGo results ranked by threat-intel / vendor advisory domains. Generated by the 🔎 Find references (web) button above — same flow as the Remediations search.

No web references attached yet.

AI Forensic Analysis

Only Available for Registered Users. Sign in to view.

Raw JSON

The full cvelistV5 record. Download as CVE-2026-48907.json.

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Joomla Content Editor (JCE) extension for Joomla",
          "vendor": "joomlacontenteditor.net",
          "versions": [
            {
              "status": "affected",
              "version": "1.0.0-2.9.99.4"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "David Jardin"
        },
        {
          "lang": "en",
          "type": "finder",
          "value": "Uwe Flottemesch"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A vulnerability in the JCE editor extension for Joomla allows the creation of new editor profiles for unauthenticated users, ultimately resulting in PHP code upload and execution."
            }
          ],
          "value": "A vulnerability in the JCE editor extension for Joomla allows the creation of new editor profiles for unauthenticated users, ultimately resulting in PHP code upload and execution."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-242",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-242: Code Injection"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "YES",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 10,
            "baseSeverity": "CRITICAL",
            "exploitMaturity": "ATTACKED",
            "privilegesRequired": "NONE",
            "providerUrgency": "RED",
            "subAvailabilityImpact": "HIGH",
            "subConfidentialityImpact": "HIGH",
            "subIntegrityImpact": "HIGH",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:A/AU:Y/U:Red",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-284",
              "description": "CWE-284 Improper Access Control",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-05T07:31:30.257Z",
        "orgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
        "shortName": "Joomla"
      },
      "references": [
        {
          "tags": [
            "product"
          ],
          "url": "https://www.joomlacontenteditor.net/"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Joomla Extension - joomlacontenteditor.net - Remote Code Execution in JCE extension for Joomla < 2.9.99.5",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
    "assignerShortName": "Joomla",
    "cveId": "CVE-2026-48907",
    "datePublished": "2026-06-05T07:31:30.257Z",
    "dateReserved": "2026-05-26T10:06:17.657Z",
    "dateUpdated": "2026-06-05T07:31:30.257Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}