375/69 Thursday, July 9, 2026

CISA has added four vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog after finding evidence that they have been actively exploited in attacks. The newly added vulnerabilities include CVE-2026-48282 in Adobe ColdFusion, CVE-2026-56290 in Joomlack Page Builder, CVE-2026-48908 in JoomShaper SP Page Builder, and CVE-2026-55255 in Langflow. Most of these vulnerabilities are Critical and could lead to remote code execution or unauthorized access to sensitive information.
Reports indicate that CVE-2026-48282 is a Path Traversal vulnerability in Adobe ColdFusion that could lead to unauthorized code execution. Meanwhile, CVE-2026-56290 and CVE-2026-48908 are vulnerabilities in Joomla extensions that allow unauthenticated attackers to upload malicious files and execute code on affected websites. In some cases, reports have observed web shell uploads and the creation of unauthorized Super User accounts.
CVE-2026-55255 in Langflow is an authorization bypass or IDOR vulnerability that could allow authenticated attackers to execute another user’s flow. Reports indicate that it has been exploited together with another Langflow RCE vulnerability to steal LLM provider keys and AWS keys. Administrators should promptly check whether they are using affected products or extensions, apply patches or update to the latest versions, inspect systems for web shells and unusual administrator accounts, and review any secrets or API keys that may have been accessed from affected systems.
Source: https://thehackernews.com/2026/07/cisa-adds-4-actively-exploited-adobe.html
