CVE-2026-56291

CRITICAL KEV

Joomla Extension - balbooa.com - Unauthenticated file upload in Balbooa Forms extension < 2.4.1

Title source: cna
STIX 2.1

Exploitation Summary

CVE-2026-56291 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added July 10, 2026.

Description

The Joomla extension Balbooa Forms is vulnerable to an unauthenticated arbitrary file upload that allows uploading executable files and leads to full RCE.

References (2)

Core 2
Core References

Scores

CVSS v3 9.8
EPSS 0.0028
EPSS Percentile 19.6%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation active
Automatable yes
Technical Impact total

Details

CISA KEV 2026-07-10
VulnCheck KEV 2026-07-08
CWE
CWE-434
Status published
Products (2)
balbooa/forms < 2.4.1
balbooa.com/balbooa.com Balbooa Forms extension for Joomla 1.0-2.4.0
Published Jul 09, 2026
KEV Added Jul 10, 2026
Tracked Since Jul 09, 2026