{"uuid": "2b09f458-90df-4ec9-916d-d25890857cc3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56290", "type": "seen", "source": "https://bsky.app/profile/kotosecurity.bsky.social/post/3mq7sjkxaxo2o", "content": "\ud83d\udd34 Joomla hit by two KEV flaws: CVE-2026-48908 (zero-day PHP upload + rogue Super User via com_sppagebuilder) &amp; CVE-2026-56290 / Page Builder CK (CVSS 10.0, unauth upload \u2192 RCE). Source: The Hacker News", "creation_timestamp": "2026-07-09T14:05:50.742832Z"}