{"uuid": "af317c3a-2f9f-4fcd-a0a3-29d6be74e7e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48939", "type": "seen", "source": "https://bsky.app/profile/securityrss.bsky.social/post/3mqjplozg4p2v", "content": "U.S. CISA has added two vulnerabilities to its Known Exploited Vulnerabilities catalog: CVE-2026-48939 (iCagenda) and CVE-2026-56291 (Balbooa Forms). CVE-2026-48939, with a CVSS score of 10.0, allows arbitrary file uploads leading to PHP code execution.", "creation_timestamp": "2026-07-13T12:39:57.968334Z"}