THE Known Exploited Vulnerabilities (KEV) Catalog maintained by CISA provides an authoritative source for identifying vulnerabilities that have been exploited in the wild. It serves as a resource for organizations to prioritize their vulnerability management strategies effectively. The catalog details a specific vulnerability, CVE-2026-48908, associated with JoomShaper SP Page Builder, which allows unauthenticated file uploads that can lead to arbitrary file execution.
Mitigations and compliance with existing guidance are recommended for organizations to ensure security. The catalog is available in various formats, including CSV and JSON, and users can subscribe for updates.