{"vulnerability": "cve-2026-48939", "sightings": [{"uuid": "ead1cf0c-38c2-4eff-a4e4-60bc0a9e547a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48939", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mopyiqfnx42t", "content": "CVE-2026-48939 - Joomla Extension - icagenda.com - Remote Code Execution in iCaganda extension for Joomla\nCVE ID : CVE-2026-48939\n \n Published : June 20, 2026, 11:56 a.m. | 1\u00a0hour, 13\u00a0minutes ago\n \n Description : A vulnerability in the iCagenda extension for Joomla allows the ...", "creation_timestamp": "2026-06-20T13:44:57.744419Z"}, {"uuid": "cc82122e-7c2f-41eb-ab8c-17ebc906a242", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-48939", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mor7wauvu62f", "content": "CRITICAL: iCagenda for Joomla (v1.0.0 \u2013 4.0.7) lets attackers upload + execute PHP files, risking full server compromise. No fix yet \u2014 disable feature or apply WAF rules ASAP. https://radar.offseq.com/threat/cve-2026-48939-cwe-284-improper-access-control-in--bc923bedc1d1c47e #OffSeq #Joomla \ud83d\udee1\ufe0f", "creation_timestamp": "2026-06-21T01:30:28.581736Z"}, {"uuid": "a768fefc-26e7-4c97-ab63-900f25f78538", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-48939", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116785507532685788", "content": "CVE-2026-48939 (CRITICAL): iCagenda for Joomla (v1.0.0-3.9.14, 4.0.0-4.0.7) allows unauthenticated PHP file upload &amp; execution. No patch yet \u2014 disable or restrict access, use WAF to block. Full site/server compromise risk. Details: https://radar.offseq.com/threat/cve-2026-48939-cwe-284-improper-access-control-in--bc923bedc1d1c47e #OffSeq #Joomla #infosec", "creation_timestamp": "2026-06-21T01:30:29.091535Z"}, {"uuid": "089c3a53-db85-4a24-a3ff-1e46bb1818d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48939", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mpwdjdape723", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-48939 \u0432 \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u0438 iCagenda \u0434\u043b\u044f Joomla: \u0443\u0433\u0440\u043e\u0437\u0430 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432\n\n\n\nhttps://kripta.biz/posts/B4898F64-5D8B-4A50-BE10-C10F29B49F90", "creation_timestamp": "2026-07-05T19:43:19.156902Z"}, {"uuid": "0ca0bbd1-d8d0-4e95-906d-caf0e915a2c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48939", "type": "seen", "source": "https://infosec.exchange/users/AAKL/statuses/116896829543133479", "content": "CISA has added two vulnerabilities to the KEV catalogue.\n-  CVE-2026-48939: iCagenda Unrestricted Upload of File with Dangerous Type Vulnerability https://www.cve.org/CVERecord?id=CVE-2026-48939\n-  CVE-2026-56291: Balbooa Forms Unrestricted Upload of File with Dangerous Type Vulnerability https://www.cve.org/CVERecord?id=CVE-2026-56291 #CISA #infosec #vulnerability", "creation_timestamp": "2026-07-10T17:21:04.761918Z"}, {"uuid": "3049c782-5bd4-44f0-bd93-16c94bc32fc0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48939", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mqcp6rngha2b", "content": "CVE-2026-48939 - icagenda [known exploited]\nThe iCagenda extension for Joomla allows attackers to upload malicious files, potentially leading to the execution of PHP code. This could compromise the security\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#icagenda #joomlic #CVE #infosec", "creation_timestamp": "2026-07-10T17:44:06.935410Z"}, {"uuid": "9a65cd2e-aa10-4798-9e2c-5aae9d583c9f", "vulnerability_lookup_origin": "405284c2-e461-4670-8979-7fd2c9755a60", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48939", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/349ea528-8815-4e8a-812a-918abda44b5f", "content": "", "creation_timestamp": "2026-07-10T18:00:02.701206Z"}, {"uuid": "b45bc1a1-6801-4c16-8b4e-503de277637b", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48939", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/e8ce3b4b-518e-4cc5-ad71-9781806a54ef", "content": "", "creation_timestamp": "2026-07-10T18:00:24.561275Z"}, {"uuid": "67235208-0c79-4d47-9f64-abd35b53e369", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48939", "type": "seen", "source": "https://bsky.app/profile/cvesentinel.bsky.social/post/3mqcr534agp2j", "content": "\ud83d\uded1 CVE-2026-48939\niCagenda iCagenda\nCVSS 10.0 / EPSS 1% / KEV \u2705\nTL;DR: A vulnerability in the iCagenda extension for Joomla allows the upload of arbitrary files \u2026\nhttps://cvesentinel.com/report/CVE-2026-48939?utm_source=bluesky&amp;utm_medium=social&amp;utm_campaign=cvesentinel\n#infosec #CVE #vulnerability", "creation_timestamp": "2026-07-10T18:18:56.671002Z"}, {"uuid": "a16f6222-bd3f-4cfa-b52a-289d73661f46", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48939", "type": "seen", "source": "https://bsky.app/profile/happeningnow.news/post/3mqcww6zvhz2f", "content": "CISA Adds Two Known Exploited Vulnerabilities to Catalog\nCISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog , based on evidence of active exploitation. CVE-2026-48939 iCagenda Unrestricted Upload\u2026\n\n\ud83d\udd17 https://hnow.live/a/1160719f", "creation_timestamp": "2026-07-10T20:02:28.893487Z"}, {"uuid": "1c5306a1-1caa-4f7d-9b50-b86f614471cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48939", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/6961009", "content": "2026-07-10: [CVE-2026-48939] iCagenda Unrestricted Upload of File with Dangerous Type VulnerabilityiCagenda contains an unrestricted upload of file with dangerous type vulnerability that allows the upload of arbitrary files in the file attachment feature, ultimately resulting in PHP code upload and execution.\ncisakev", "creation_timestamp": "2026-07-10T21:00:25.313943Z"}, {"uuid": "e370c894-aca2-4d93-aff9-c4e1429c8503", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48939", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mqdek725kc2e", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-48939 \u0432 \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u0438 iCagenda \u0434\u043b\u044f Joomla: \u0443\u0433\u0440\u043e\u0437\u0430 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432\n\n\n\nhttps://kripta.biz/posts/394E4504-A538-422A-9DE6-D5EC7D4CA278", "creation_timestamp": "2026-07-11T00:06:18.378442Z"}, {"uuid": "6aeaae95-3095-4bed-a781-4fb73d453c01", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48939", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mqdgjw633j2e", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-48939 \u0432 \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u0438 iCagenda \u0434\u043b\u044f Joomla: \u0443\u0433\u0440\u043e\u0437\u0430 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432\n\n\n\nhttps://kripta.biz/posts/A1AB5475-6F6B-416C-A06D-67A3D02545AD", "creation_timestamp": "2026-07-11T00:41:56.155499Z"}, {"uuid": "84d4af59-6abe-4846-93a1-8873f69daa27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48939", "type": "seen", "source": "https://bsky.app/profile/qiancx.bsky.social/post/3mqdgk5sbg326", "content": "Joomla iCagenda \u63d2\u4ef6\u6f0f\u6d1e CVE-2026-48939:\u4efb\u610f\u6587\u4ef6\u4e0a\u4f20\u98ce\u9669\u4e0e\u5b89\u5168\u9632\u62a4\u6307\u5357\n\n\n\nhttps://qian.cx/posts/5DD651F3-1137-44AF-A3D0-A0FD2F28CEA2", "creation_timestamp": "2026-07-11T00:42:04.147611Z"}]}