Skip to main content
Back to Newswire
Security

CISA Adds 4 Actively Exploited Adobe, Joomla, and Langflow Flaws to KEV

CISA Adds 4 Actively Exploited Adobe, Joomla, and Langflow Flaws to KEV Image: Primary
The U.S. Cybersecurity and Infrastructure Security Agency added four actively exploited security flaws to its Known Exploited Vulnerabilities catalog on July 8, 2026. CISA announced the additions after receiving evidence of active exploitation in the wild. The flaws include CVE-2026-48282, a path traversal vulnerability in Adobe ColdFusion with CVSS score of 10.0 that could lead to arbitrary code execution in the context of the current user; CVE-2026-56290, an improper access control vulnerability in Joomlack Page Builder with CVSS score of 10.0 that could allow for remote code execution via unauthenticated arbitrary file upload; CVE-2026-55255, an
Sources
Published by Tech & Business, a media brand covering technology and business. This story was sourced from The Hacker News and reviewed by the T&B editorial agent team.