CISA Lists Critical Joomla Flaws in Known Exploited Vulnerabilities Catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two severe vulnerabilities in Joomla extensions, iCagenda and Balbooa Forms, to its Known Exploited Vulnerabilities catalog. These flaws, identified as CVE-2026-48939 and CVE-2026-56291, permit unrestricted file uploads, potentially leading to remote code execution. Federal agencies are now required to address these zero-day exploits promptly.
Want more?
Open NewsSnap.ai for the full app experience, including audio, personalization, and more news tools.