CISA adds iCagenda and Balbooa Forms vulnerabilities to known exploited catalog
The vulnerabilities, CVE-2026-48939 affecting iCagenda and CVE-2026-56291 affecting Balbooa Forms, both allow for unrestricted file uploads.
Read the full articleYou might also wanna read
CISA warns of actively exploited RCE flaws in Joomla extensions
CISA has issued a warning about actively exploited remote code execution (RCE) vulnerabilities in two Joomla extensions: iCagenda and Balboo
iCagenda and Balbooa Forms Joomla Flaws Reportedly Exploited as Zero-Days
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two maximum-severity security flaws impacting iCagenda and Balboo
iCagenda and Balbooa Forms Joomla Flaws Reportedly Exploited as Zero-Days
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two maximum-severity security flaws impacting iCagenda and Balboo

Emerging Threat: (CVE-2026-56291) Balbooa Forms Remote Code Execution via Unauthenticated File Upload
An unauthenticated file upload flaw in Balbooa Forms for Joomla lets any anonymous visitor drop a PHP file into a public folder, resulting i
CISA warns of actively exploited RCE flaws in Joomla extensions
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning that attackers are exploiting vulnerabilities in the iCagenda an
CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA Adds Two Known Exploited Vulnerabilities to Catalog awallace Jul 10, 2026 Release Date July 10, 2026 Description CISA has added two new

Comments
Sign in to join the conversation.
No comments yet. Be the first.