CVE Tools
Back to feed
The Hacker News ·EN News source Exploited in the wildBalbooa FormsiCagenda

iCagenda and Balbooa Forms Joomla Flaws Reportedly Exploited as Zero-Days

By The Hacker News··3 min read
CVE Tools coverage

CISA has added two high-severity vulnerabilities affecting the iCagenda and Balbooa Forms extensions for Joomla to its catalog of known exploited vulnerabilities, after reports confirmed they were being actively exploited as zero-days. CVE-2026-48939 in iCagenda enables arbitrary file uploads leading to remote code execution, while CVE-2026-56291 in Balbooa Forms allows unauthenticated attackers to upload malicious PHP files. Both flaws have been addressed in updated versions—4.0.8 and 3.9.15 for iCagenda, and 2.4.1 for Balbooa Forms. Administrators are urged to update immediately and scan for suspicious files on their systems.