- A security update has been released to address a remote code execution vulnerability (CVE-2026-48907) in JCE products.
- Affected products include JCE versions 2.7.x, 2.8.x, and 2.9.x.
- A Vulnerability Patch is provided in the latest update.
- Updating to JCE version 2.9.99.6 or later will patch the vulnerability.
- For JCE versions 2.7.x through 2.9.x, a separate security patch must be applied following the instructions on the reference site.
- JCE users should update to the latest version and review the patch instructions on the reference site.
