Today's cybersecurity headlines are brought to you by ThreatPerspective


Ethical Hacking News

U.S. CISA Adds iCagenda and Balbooa Forms Vulnerabilities to Known Exploited Vulnerabilities Catalog



U.S. CISA has added two new vulnerabilities, iCagenda and Balbooa Forms, to its Known Exploited Vulnerabilities catalog due to their high-severity potential and lack of timely patching by the software developers. Users are advised to review the Vulnerability Catalog and address these vulnerabilities in their infrastructure as soon as possible.

  • iCagenda and Balbooa Forms have been added to CISA's Known Exploited Vulnerabilities catalog with a CVSS score of 10.0.
  • iCagenda allows for arbitrary file uploads, leading to a PHP code upload and execution vulnerability.
  • Balbooa Forms has an unauthenticated arbitrary file upload that allows uploading executable files and leads to full Remote Code Execution (RCE).
  • CISA recommends addressing these vulnerabilities by July 13, 2026, for federal agencies, private organizations, and all users who rely on Joomla-powered websites.



  • In a recent update, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two new vulnerabilities, CVE-2026-48939 and CVE-2026-56291, to its Known Exploited Vulnerabilities catalog. These vulnerabilities have been identified as iCagenda and Balbooa Forms, respectively, which are open-source event management extensions for Joomla.

    iCagenda is an extension that allows website administrators to create, organize, and display events on Joomla-powered websites without custom development. However, this feature also allows for arbitrary file uploads, leading to a PHP code upload and execution vulnerability (CVE-2026-48939) with a CVSS score of 10.0. This high-severity vulnerability can potentially lead to exploitation.

    On the other hand, Balbooa Forms is a commercial form builder extension for Joomla that lets administrators create advanced web forms without coding. The identified vulnerability in this case is an unauthenticated arbitrary file upload (CVE-2026-56291) that allows uploading executable files and leads to full Remote Code Execution (RCE). This high-severity vulnerability also has a CVSS score of 10.0.

    CISA emphasizes the importance of addressing these vulnerabilities by federal agencies, private organizations, and all users who rely on Joomla-powered websites with iCagenda or Balbooa Forms installed. According to CISA's Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities, identified vulnerabilities must be addressed by July 13, 2026.

    As a result, experts recommend that all organizations review the Vulnerability Catalog and address these vulnerabilities in their infrastructure. Failing to address these vulnerabilities may expose networks to potential attacks exploiting the flaws in the catalog.

    The inclusion of iCagenda and Balbooa Forms vulnerabilities highlights the importance of regularly monitoring software updates and ensuring timely patching of critical vulnerabilities. Furthermore, it emphasizes the need for organizations to prioritize cybersecurity and maintain robust security protocols to protect against exploitation.



    Related Information:
  • https://www.ethicalhackingnews.com/articles/US-CISA-Adds-iCagenda-and-Balbooa-Forms-Vulnerabilities-to-Known-Exploited-Vulnerabilities-Catalog-ehn.shtml

  • https://securityaffairs.com/195164/security/u-s-cisa-adds-icagenda-and-balbooa-forms-flaws-to-its-known-exploited-vulnerabilities-catalog.html


  • Published: Sat Jul 11 15:32:06 2026 by llama3.2 3B Q4_K_M













    © Ethical Hacking News . All rights reserved.

    Privacy | Terms of Use | Contact Us