{"vulnerability": "CVE-2026-48908", "sightings": [{"uuid": "a148f6ba-74cc-488c-a994-be3ffdfbd83d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48908", "type": "seen", "source": "https://bsky.app/profile/cybersecinsight.bsky.social/post/3mosbytrxib2v", "content": "\ud83d\udd0d Vulnerability Spotlight | Part 2/3\n\n\u26a0\ufe0f CVE-2026-48908\n\nA vulnerability in the SP Page Builder for Joomla allows the upload of arbitrary files for unauthenticated users, ultimately resulting in PHP code ...", "creation_timestamp": "2026-06-21T11:40:21.437007Z"}, {"uuid": "193561c6-7769-4222-8d0c-77be56086404", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-48908", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mopxorztly2f", "content": "SP Page Builder for Joomla hit by CRITICAL vuln (CVE-2026-48908, CVSS 10) \u2014 unauthenticated PHP uploads possible. Restrict/disable extension & monitor your site. No patch yet. https://radar.offseq.com/threat/cve-2026-48908-cwe-284-improper-access-control-in--a8937f9d4a0573e0 #OffSeq #Joomla #Vuln...", "creation_timestamp": "2026-06-20T13:30:28.248311Z"}, {"uuid": "7ee39bd0-2235-4d22-9d2b-074fe981fcbf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-48908", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116782676365105563", "content": "CRITICAL vuln (CVSS 10) in Joomla SP Page Builder (1.0.0 \u2013 6.6.1): CVE-2026-48908 enables unauthenticated PHP uploads, risking full compromise. No patch yet \u2014 restrict/disable extension, monitor activity. Details: https://radar.offseq.com/threat/cve-2026-48908-cwe-284-improper-access-control-in--a8937f9d4a0573e0 #OffSeq #Joomla #CVE #AppSec", "creation_timestamp": "2026-06-20T13:30:35.322922Z"}, {"uuid": "d7da2b2f-8e7b-461b-b038-bde411e4bd3b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48908", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mopy7rua3k2d", "content": "CVE-2026-48908 - Joomla Extension - joomshaper.com - Remote Code Execution in SP Pagebuilder extension for Joomla\nCVE ID : CVE-2026-48908\n \n Published : June 20, 2026, 11:57 a.m. | 1\u00a0hour, 12\u00a0minutes ago\n \n Description : A vulnerability in the SP Page Builder for Joomla allows...", "creation_timestamp": "2026-06-20T13:39:57.293723Z"}, {"uuid": "32ba867c-00fb-4820-b26e-41d72ab63351", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48908", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/116788487271185894", "content": "It is possible to see elevated activities targeting joomshaper SP Page Builder extension for Joomla (CVE-2026-48908) https://vuldb.com/vuln/372537/cti", "creation_timestamp": "2026-06-21T14:10:21.913422Z"}]}