Security · 2h ago
CISA Adds 4 Actively Exploited Flaws to KEV Catalog
CISA added four vulnerabilities to its Known Exploited Vulnerabilities catalog, including a critical Adobe ColdFusion path traversal flaw (CVE-2026-48282, CVSS 10.0) and bugs in Joomla and Langflow. The flaws are actively exploited in the wild. Federal agencies must patch by August 2026.
Meridian48 take
The inclusion of Langflow, a lesser-known AI tool, signals attackers are expanding beyond mainstream targets.
Read the full reporting
CISA Adds 4 Actively Exploited Adobe, Joomla, and Langflow Flaws to KEV →
The Hacker News
cisa-kevactive-exploitation