CISA added four exploited flaws to KEV, covering Adobe ColdFusion, Joomla page builders, and Langflow ahead of July 10 fixes.
Hackers are exploiting a critical vulnerability (CVE-2026-48282) in Adobe ColdFusion that carries a CVSS score of 10/10.