Dossier
CVE-2026-48939
Coverage of CVE-2026-48939 in the Nexus archive.
- iCagenda and Balbooa Forms Joomla Flaws Reportedly Exploited as Zero-Days
CISA added two maximum-severity vulnerabilities in iCagenda and Balbooa Joomla extensions to its KEV catalog, citing reports of zero-day exploitation. Both flaws, rated 10.0 on the CVSS scale, are being actively exploited.