{"uuid": "4884fb6c-eac2-425b-8dc3-cba9fb9b7c31", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-56291", "type": "seen", "source": "https://bsky.app/profile/securityrss.bsky.social/post/3mqjplozg4p2v", "content": "U.S. CISA has added two vulnerabilities to its Known Exploited Vulnerabilities catalog: CVE-2026-48939 (iCagenda) and CVE-2026-56291 (Balbooa Forms). CVE-2026-48939, with a CVSS score of 10.0, allows arbitrary file uploads leading to PHP code execution.", "creation_timestamp": "2026-07-13T12:39:58.007689Z"}