CISA has added four actively exploited vulnerabilities affecting Adobe ColdFusion, Joomlack Page Builder, Langflow, and JoomShaper SP Page Builder to its Known Exploited Vulnerabilities catalog. The attacks include rapid post-disclosure exploitation, zero-day file upload abuse, web shell deployment, and cross-tenant IDOR activity used to steal keys and deliver additional payloads. #CVE-2026-48282 #CVE-2026-56290 #CVE-2026-55255 #CVE-2026-48908 #Langflow #AdobeColdFusion #JoomlackPageBuilder #JoomShaperSPPageBuilder
Keypoints
- CISA added four exploited vulnerabilities to the KEV catalog.
- CVE-2026-48282 in Adobe ColdFusion can lead to arbitrary code execution.
- CVE-2026-48908 in JoomShaper SP Page Builder was abused to upload PHP code and create a Super User account.
- CVE-2026-56290 in Joomlack Page Builder was used to deliver web shells on affected sites.
- Langflow CVE-2026-55255 enabled attackers to access other usersβ flows and steal LLM and AWS keys.
Read More: https://thehackernews.com/2026/07/cisa-adds-4-actively-exploited-adobe.html