CVE-2026-45247 in Mirasvit Cache Warmer for Magento is a CISA KEV-confirmed, unauthenticated RCE vulnerability with active attack traffic observed by Imperva. Any Magento storefront running Cache Warmer prior to version 1.11.12 is fully compromisable via a crafted cookie with no authentication required. Upgrade to 1.11.12 immediately or disable the extension.