CISA Adds 4 Actively Exploited Adobe, Joomla, and Langflow Flaws to KEV Catalog

Published
Written by:
Lore Apostol
Lore Apostol
Cybersecurity Writer
Key Takeaways
  • CISA action: CISA added four actively exploited vulnerabilities to its KEV catalog – CVE-2026-48282, CVE-2026-55255, CVE-2026-48908, and CVE-2026-56290.
  • Products affected: The flaws impact Adobe ColdFusion, Joomla page builder extensions (Joomlack and JoomShaper SP Page Builder), and Langflow.
  • Patch deadline: Federal agencies must remediate the vulnerabilities by July 10 under Binding Operational Directive 26-04.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added four actively exploited vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. The additions span flaws in Adobe ColdFusion, Joomla page builders, and Langflow, with CVE-2026-48282, CVE-2026-55255, and CVE-2026-56290

Adobe ColdFusion, Joomla, and Langflow Under Attack

CISA confirmed these flaws are under active exploitation. The move places the affected products under immediate scrutiny for organizations tasked with maintaining a hardened security posture. The newly listed vulnerabilities cover three distinct technologies. 

ColdFusion remains a recurring target for attackers seeking server-side access, with 16 prior ColdFusion CVEs already sitting in the KEV catalog. Langflow vulnerability is reflecting the growing interest of threat actors in AI tooling, following separate Langflow flaws already exploited last month.

July 10 Remediation Deadline

Federal Civilian Executive Branch agencies must remediate the identified vulnerabilities by the July 10 deadline under Binding Operational Directive 26-04, Prioritizing Security Updates Based on Risk, which updated and replaced the earlier BOD 22-01, 

CISA also strongly recommends that private-sector organizations prioritize timely patching of KEV-listed flaws to reduce exposure. 

Applying vendor fixes ahead of the cutoff remains the most direct path to mitigating active exploitation across Adobe ColdFusion, Joomla, and Langflow deployments.

Hackers a PoC to exploit a critical ColdFusion vulnerability that permits reading arbitrary files on compromised servers in 2024. 


For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: