Vulnerability Management

CISA adds iCagenda and Balbooa Forms vulnerabilities to known exploited catalog

As reported by Security Affairs, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two critical vulnerabilities affecting Joomla extensions, iCagenda and Balbooa Forms, to its Known Exploited Vulnerabilities (KEV) catalog. This inclusion mandates federal agencies to address these flaws by July 13, 2026.

The vulnerabilities, CVE-2026-48939 affecting iCagenda and CVE-2026-56291 affecting Balbooa Forms, both allow for unrestricted file uploads. Specifically, attackers can exploit these flaws to upload dangerous file types, including PHP code, leading to remote code execution (RCE). iCagenda is an open-source event management extension for Joomla, while Balbooa Forms is a commercial form builder. The high severity of these vulnerabilities, with CVE-2026-48939 having a CVSS score of 10.0, poses a significant risk to websites utilizing these extensions.

CISA's Binding Operational Directive 22-01 requires federal agencies to remediate these vulnerabilities to prevent exploitation. Private organizations are also strongly advised to review the KEV catalog and patch their systems accordingly.

Source: Security Affairs

Related Events

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds