Today's cybersecurity headlines are brought to you by ThreatPerspective


Ethical Hacking News

The U.S. CISA Adds Four Vulnerabilities to its Known Exploited Vulnerabilities Catalog: A Growing Concern for Cybersecurity



The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added four new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, including Adobe ColdFusion, Joomlack Page Builder, Langflow, and JoomShaper SP Page Builder flaws. These vulnerabilities pose significant risks for cyber attacks that could result in arbitrary code execution, authorization bypasses, and the exploitation of sensitive credentials. Experts recommend urgent action to address these vulnerabilities to protect against potential cyber threats.

  • The U.S. CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog.
  • CVE-2026-48282, CVE-2026-48908, CVE-2026-55255, and CVE-2026-56290 are the newly added vulnerabilities.
  • CVE-2026-48282 allows for arbitrary code execution without authentication.
  • The attackers started exploiting CVE-2026-48282 in attacks within two hours of its public disclosure.
  • Attackers exploited other Langflow vulnerabilities between June 22 and 25, including CVE-2026-55255.
  • CVE-2026-56290 is being used to install web shells on sites using Page Builder CK.
  • CISA orders federal agencies to fix the vulnerabilities by July 10, 2026.



  • U.S. CISA adds four vulnerabilities, namely Adobe ColdFusion, Joomlack Page Builder, Langflow, and JoomShaper SP Page Builder flaws, to its Known Exploited Vulnerabilities (KEV) catalog.

    The four added vulnerabilities are CVE-2026-48282, a maximum-severity vulnerability in Adobe ColdFusion that could result in arbitrary code execution without authentication; CVE-2026-48908, an unrestricted upload of file with dangerous type vulnerability in JoomShaper SP Page Builder; CVE-2026-55255, an authorization bypass through user-controlled key vulnerability in Langflow; and CVE-2026-56290, a critical vulnerability in Joomlack Page Builder that allows unauthenticated attackers to execute code remotely on vulnerable servers.

    KEVIntel researchers reported that less than two hours after details of CVE-2026-48282 became public, attackers started exploiting it in attacks in the wild. KEVIntel founder Ryan Dewhurst reported that the attacks originated from the IP address 103.207.14[.]220 by an attacker located in India.

    According to Sysdig researchers, attackers exploited both CVE-2026-55255 and CVE-2026-33017 in Langflow between June 22 and 25. The attacker combined an authentication bypass with a remote code execution flaw to access exposed servers, steal LLM provider and AWS keys, and attempt to deploy additional malware.

    The fourth vulnerability, CVE-2026-56290, is being used by attackers to install web shells on sites using Page Builder CK. Website owners should update their websites to SP Page Builder 6.6.2+ and Page Builder CK 3.6.0+, and check for suspicious PHP files in upload and media folders.

    CISA orders federal agencies to urgently fix the vulnerabilities by July 10, 2026. Experts also recommend that private organizations review the catalog and address the vulnerabilities in their infrastructure.



    Related Information:
  • https://www.ethicalhackingnews.com/articles/The-US-CISA-Adds-Four-Vulnerabilities-to-its-Known-Exploited-Vulnerabilities-Catalog-A-Growing-Concern-for-Cybersecurity-ehn.shtml

  • https://securityaffairs.com/194927/hacking/u-s-cisa-adds-adobe-coldfusion-joomlack-page-builder-langflow-and-joomshaper-sp-page-builder-flaws-to-its-known-exploited-vulnerabilities-catalog.html

  • https://nvd.nist.gov/vuln/detail/CVE-2026-48282

  • https://www.cvedetails.com/cve/CVE-2026-48282/

  • https://nvd.nist.gov/vuln/detail/CVE-2026-48908

  • https://www.cvedetails.com/cve/CVE-2026-48908/

  • https://nvd.nist.gov/vuln/detail/CVE-2026-55255

  • https://www.cvedetails.com/cve/CVE-2026-55255/

  • https://nvd.nist.gov/vuln/detail/CVE-2026-56290

  • https://www.cvedetails.com/cve/CVE-2026-56290/

  • https://nvd.nist.gov/vuln/detail/CVE-2026-33017

  • https://www.cvedetails.com/cve/CVE-2026-33017/


  • Published: Wed Jul 8 04:29:34 2026 by llama3.2 3B Q4_K_M













    © Ethical Hacking News . All rights reserved.

    Privacy | Terms of Use | Contact Us