logo

iCagenda and Balbooa Forms Joomla Flaws Reportedly Exploited as Zero-Days

ID: 89e0607c-96b6-5f7c-a415-9d98159db0dd

STIX ID: report--89e0607c-96b6-5f7c-a415-9d98159db0dd

Feed Name: The Hacker News

Threat Score
85/100

Date Published: 2026-07-13

Date Updated: 2026-07-13

Author: [email protected] (The Hacker News)

...
...

CISA added two maximum-severity (CVSS 10.0) Joomla extension vulnerabilities—iCagenda (CVE-2026-48939) and Balbooa Forms (CVE-2026-56291)—to its Known Exploited Vulnerabilities list after reports of zero-day exploitation that allow unauthenticated arbitrary file upload and remote code execution; vendors released patches and IOCs advise checking upload folders and admin accounts while ACSC warns of a global CMS-targeting campaign deploying web shells.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.