Uncategorized

iCagenda and Balbooa Forms Joomla Flaws Reportedly Exploited as Zero-Days

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two maximum-severity security flaws impacting iCagenda and Balbooa extensions for Joomla to its Known Exploited Vulnerabilities (KEV) catalog, following reports of zero-day exploitation in the wild.

The vulnerabilities, both rated 10.0 on the CVSS scoring system, are below –

CVE-2026-48939 – A vulnerability in the

Ready to get started?

Let's discuss how we can protect your organization. Book a free consultation with our security experts today.

Get Your Free Report

Enter your details for instant access to the full NIS2 analysis.

What you'll receive:
  • 42-page sector analysis
  • Compliance checklists & frameworks
  • Penalty & enforcement data 2026
Cypro Report Download
Your data is secure. No spam, unsubscribe anytime.