{"uuid": "0794fe45-caa6-415a-b5e8-09d6c7f0ffa4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56291", "type": "seen", "source": "https://mastodon.social/ap/users/115426718704364579/statuses/116907369274600216", "content": "\ud83d\udcf0 CISA Adds Two Actively Exploited Joomla Plugin Flaws to KEV Catalog\n\ud83d\udce2 CISA KEV UPDATE: Two Joomla plugin vulnerabilities are now listed as actively exploited. CVE-2026-48939 (iCagenda) &amp; CVE-2026-56291 (Balbooa Forms) allow file uploads and server takeover. Patch immediately! #CISA #KEV #Joomla #Vulnerability\n\ud83c\udf10 cyber[.]netsecops[.]io\n\ud83d\udd17 https://cyber.netsecops.io/articles/cisa-adds-joomla-icagenda-balbooa-flaws-to-kev-catalog/?utm_source=mastodon&amp;utm_medium=social&amp;utm_campaign=daily", "creation_timestamp": "2026-07-12T14:01:28.665080Z"}