← All CVEs
CVE-2026-56290CRITICAL · 9.8TrackedCISA KEV
Joomlack · Page Builder
Joomlack Page Builder contains an improper access control vulnerability that could allow for remote code execution via unauthenticated arbitrary file upload.
Disclosed
2026-06-29
10 days ago
Status
no honeypot capture yet
on CISA KEV — watching
7-day events
0
across 0 distinct IPs
7-day spread
0 ASN · 0 cty
0 active days
Top ASNs
No events captured yet.
Top countries
No events captured yet.
References
- https://www.joomlack.fr/en/joomla-extensions/page-builder-ck
- https://www.cisa.gov/news-events/directives/bod-26-04-prioritizing-security-updates-based-risk
- https://www.cisa.gov/news-events/directives/bod-26-04-implementation-guidance-prioritizing-security-updates-based-risk
- https://nvd.nist.gov/vuln/detail/CVE-2026-56290