Federal agencies have until July 10 β two days from now β to patch four vulnerabilities that CISA has confirmed are under active exploitation. Three of the four carry a CVSS score of 10.0, the maximum the scale allows. The fourth is quietly the most interesting: a Langflow flaw being exploited to steal LLM API keys and AWS credentials from the servers organizations use to build AI applications.
The additions to the Known Exploited Vulnerabilities (KEV) catalog came in a pair of alerts capped by CISAβs July 7 update, and together they sketch the current exploitation economy in miniature: legacy enterprise middleware, sprawling CMS plugin ecosystems, and the new AI application layer β all being worked over simultaneously.
CVE-2026-48282: ColdFusion Exploited Within Hours
The headliner is CVE-2026-48282, a path traversal vulnerability in Adobe ColdFusion rated CVSS 10.0 and leading to remote code execution. Exploitation began within hours of disclosure, with early attack traffic traced to an IP address in India (103.207.14[.]220).
ColdFusionβs continued presence on the KEV catalog is a running indictment of enterprise asset management. The platform powers a long tail of government and enterprise applications built a decade or more ago, often maintained by nobody in particular, and its vulnerabilities have a near-perfect record of rapid weaponization. A 10.0-rated path traversal that yields RCE on servers that frequently sit adjacent to sensitive data is precisely the profile ransomware affiliates queue up for.
Two Page Builders, Two Maximum-Severity Holes
The Joomla ecosystem contributes two more 10.0-rated entries, both in third-party page builder extensions β the drag-and-drop tools thousands of sites use to assemble content.
CVE-2026-56290 affects Page Builder CK (from developer Joomlack): an improper access control flaw allowing unauthenticated arbitrary file upload, which is to say, remote code execution with extra steps. Researchers observed web shell deployment as early as June 27, with one shell recovered from /media/com_pagebuilderck/gfonts/bhup.php. The fixed version is 3.6.0.
CVE-2026-48908 affects JoomShaper SP Page Builder and was exploited as a zero-day β attackers uploaded PHP payloads through the extensionβs custom icon upload endpoint (task=asset.uploadCustomIcon) before a patch existed. Version 6.6.2 closes the hole.
CMS plugin flaws rarely make headlines individually, but in aggregate they are one of the most reliable initial-access channels in the criminal ecosystem: enormous install bases, inconsistent update habits, and hosting environments that frequently share credentials or infrastructure with more valuable targets.
CVE-2026-55255: Langflow, Again β and Why That Matters
The fourth entry, CVE-2026-55255, is an authorization bypass in Langflow, the open-source framework for building LLM applications. At CVSS 6.1 it looks modest next to its 10.0 stablemates β an insecure direct object reference through a user-controlled key. What earns it a KEV listing is what attackers are doing with it: a single operator (45.207.216[.]55) weaponized the flaw between June 22 and 25, using it to steal LLM provider API keys and AWS credentials from exposed instances, with follow-on activity consistent with cryptojacking and second-stage malware delivery.
If Langflow sounds familiar, it should. An older Langflow RCE (CVE-2025-3248) was the initial access vector in the JADEPUFFER attack β the first documented ransomware operation run end-to-end by an AI agent, disclosed by Sysdig just days ago. Two different flaws, one lesson: LLM application servers have become a distinct and highly attractive target class. They are stood up quickly, exposed to the internet carelessly, and β by design β hold exactly the credentials attackers want in 2026: model API keys, cloud tokens, and database connection strings, all in environment variables.
Organizations that would never leave a domain controller unpatched are running Langflow, Flowise, and similar frameworks as unmanaged experiments. The KEV listing is CISAβs way of saying the experiment phase is over.
The Two-Day Deadline Is the Message
KEV remediation deadlines bind only Federal Civilian Executive Branch agencies, but the July 10 date β an unusually tight window β signals how CISA reads the exploitation tempo. As we noted in our coverage of the Lantronix EDS5000 KEV addition in June, the catalog has become the closest thing defenders have to a ground-truth feed of what attackers are actually using, as opposed to what is theoretically severe.
The action items are straightforward:
- ColdFusion: apply Adobeβs patch immediately; assume compromise for any internet-facing instance unpatched since disclosure and hunt for webshells and anomalous child processes of the ColdFusion service.
- Joomla sites: update Page Builder CK to 3.6.0+ and SP Page Builder to 6.6.2+, then sweep upload directories β
/media/com_pagebuilderck/in particular β for PHP files that should not exist. - Langflow: patch, rotate every credential the instance could reach (LLM keys, AWS keys, database logins), and get the management interface off the open internet. Key rotation is not optional β theft of stored credentials was the observed goal, so patching alone remediates the door, not the loss.
- Everyone else: treat the FCEB deadline as your own. The actors exploiting these flaws do not check whether you are a federal agency.
Four flaws, three perfect severity scores, one 48-hour deadline. The KEV catalog rarely editorializes, but this batch comes close.



