URL has been copied successfully!
CISA Warns of Actively Exploited Joomla Zero-Day Vulnerabilities
URL has been copied successfully!

Collecting Cyber-News from over 60 sources

CISA Warns of Actively Exploited Joomla Zero-Day Vulnerabilities

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2026-48939 and CVE-2026-56291 to its Known Exploited Vulnerabilities (KEV) catalog after reports confirmed active zero-day attacks targeting the iCagenda and Balbooa extensions for Joomla. Both flaws carry the maximum CVSS severity score of 10.0 and can allow attackers to upload malicious files that ultimately lead to remote code execution.

First seen on thecyberexpress.com

Jump to article: thecyberexpress.com/cisa-cve-2026-48939-cve-2026-56291/

Loading

Share via Email
Share on Facebook
Tweet on X (Twitter)
Share on Whatsapp
Share on LinkedIn
Share on Xing
Copy link