THREAT OPS › Threat News › [CISA KEV] CVE-2026-56290 — Joomlack Page Builder: Joomlack Page Builder Improper Access Control Vulnerability
[CISA KEV] CVE-2026-56290 — Joomlack Page Builder: Joomlack Page Builder Improper Access Control Vulnerability
CVE: CVE-2026-56290 Vendor: Joomlack Product: Page Builder Vulnerability: Joomlack Page Builder Improper Access Control Vulnerability Date Added: 2026-07-07 Required Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in
MITRE ATT&CK techniques
- Cloud ServicesT1021.007
Indicators of compromise
- CVE-2026-56290cve
- https://www.joomlack.fr/en/joomla-extensions/page-builder-ckurl
Original source: https://nvd.nist.gov/vuln/detail/CVE-2026-56290