Skip to content
SPECIAL

THREATS TO CRITICAL INFRASTRUCTURE IN IRAN CONFLICT

READ MORE

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation:

CVE-2026-48908 JoomShaper SP Page Builder Unrestricted Upload of File with Dangerous Type Vulnerability, CVE-2026-55255 Langflow Authorization Bypass Through User-Controlled Key Vulnerability, CVE-2026-56290 Joomlack Page Builder Improper Access Control Vulnerability.

These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risks to the federal enterprise.

Return to Alerts

Click to listen highlighted text!