DEV Community

NetSecOpsIO
NetSecOpsIO

Posted on • Originally published at cyber.netsecops.io on

CISA Adds Two Actively Exploited Joomla Plugin Flaws to KEV Catalog

On July 10, 2026, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) added two vulnerabilities affecting Joomla components to its Known Exploited Vulnerabilities (KEV) catalog, signaling they are under active exploitation. The flaws, CVE-2026-48939 in the iCagenda extension and CVE-202...

Severity: High

Categories: Vulnerability, Patch Management, Regulatory

Read Full Article →

Top comments (0)