The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two maximum-severity security flaws impacting iCagenda and Balbooa extensions for Joomla to its Known Exploited Vulnerabilities (KEV) catalog, following reports of zero-day exploitation in the wild.The vulnerabilities, both rated 10.0 on the CVSS scoring system, are below – CVE-2026-48939 – A vulnerability in the
First seen on thehackernews.com
Jump to article: thehackernews.com/2026/07/icagenda-and-balbooa-forms-joomla-flaws.html
![]()

