Signal
CISA adds critical Joomla extension vulnerabilities exploited in the wild to known exploited catalog
Evidence first: scan the strongest sources, then decide whether to go deeper.
Published 2026-07-13 05:36 UTCUpdated 2026-07-13 17:22 UTC
rss
vulnerabilitiesexploitsincident_responsesecurity_advisory
Trend in the last 24h
Source links open
Source links and full evidence are open here. Archive history, compare-over-time, alerts, exports, API, integrations, and workflow are paid.
No card needed for the free brief.
Evidence trail (top sources)
top sources (3 domains)domains are deduped. counts indicate coverage, not truth.3 top sources shown
Overview
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two critical zero-day vulnerabilities affecting the iCagenda and Balbooa Forms extensions for Joomla to its Known Exploited Vulnerabilities catalog.
Entities
CISAiCagendaBalbooa Forms
Score total
1.31
Momentum 24h
3
Posts
3
Origins
3
Source types
1
Duplicate ratio
0%
Why now
- Recent reports confirm zero-day exploitation of these flaws by threat actors.
- CISA's addition to the KEV catalog signals official recognition and prioritization of these risks.
- Organizations running affected Joomla extensions must act promptly to prevent compromise.
Why it matters
- These vulnerabilities enable remote code execution, posing a critical risk to Joomla-based websites.
- Active exploitation in the wild increases urgency for organizations to patch or mitigate immediately.
- Inclusion in CISA's Known Exploited Vulnerabilities catalog highlights the severity and widespread impact.
LLM analysis
Topic mix: lowPromo risk: lowSource quality: medium
Recurring claims
- The iCagenda and Balbooa Forms Joomla extensions contain critical zero-day vulnerabilities allowing unrestricted file uploads and remote code execution.
How sources frame it
- The Hacker News: neutral
- SecurityWeek: neutral
- SC Media: neutral
All evidence
All evidence
CISA adds iCagenda and Balbooa Forms vulnerabilities to known exploited catalog
SC Media · scworld.com · 2026-07-13 17:22 UTC
Organizations Warned of Exploited Joomla Extension Vulnerabilities
SecurityWeek · securityweek.com · 2026-07-13 09:08 UTC
iCagenda and Balbooa Forms Joomla Flaws Reportedly Exploited as Zero-Days
thehackernews · thehackernews.com · 2026-07-13 05:36 UTC
Show filters & breakdown
Posts loaded: 0Publishers: 3Origin domains: 3Duplicates: -
Showing 3 / 0
Top publishers (this list)
- SC Media (1)
- SecurityWeek (1)
- thehackernews (1)
Top origin domains (this list)
- scworld.com (1)
- securityweek.com (1)
- thehackernews.com (1)