CVE Tools
Back to feed
SecurityWeek ·EN-US News source Exploited in the wildAdobe ColdFusionLangflowSP Page Builder

CISA Urges Immediate Patching of Exploited ColdFusion, Langflow, Joomla Flaws

By Ionut Arghire··2 min read
CVE Tools coverage

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about actively exploited vulnerabilities in Adobe ColdFusion, Langflow, and two popular Joomla extensions. These flaws—CVE-2026-48282, CVE-2026-55255, CVE-2026-48908, and CVE-2026-56290—are being used by threat actors to gain unauthorized access and execute malicious code on affected systems. CISA has added these vulnerabilities to its Known Exploited Vulnerabilities catalog and mandated that federal agencies apply patches within three days. Organizations using any of the impacted software should prioritize remediation immediately.