www.cisa.gov 7/10/2026, 6:59:57 PM · external

CISA KEV Catalog Highlights CVE-2026-56291 Flaw in Balbooa Forms

Developing story vulnerability 2 articles tracked
CISA adds Balbooa Forms file‑upload flaw (CVE-2026-56291) to KEV catalogue
CyberSIXT Evidence Panel
Primary Source nvd.nist.gov
CISA KEV Listed in KEV
Patch Patch Status Unknown

THE Known Exploited Vulnerabilities (KEV) Catalog is maintained by CISA to aid cybersecurity professionals in managing vulnerabilities and staying updated on threats. Organizations are encouraged to integrate the catalog into their vulnerability management practices. The catalog includes details such as vulnerabilities like CVE-2026-56291, which relates to an unrestricted file upload issue in Balbooa Forms, enabling potential remote code execution.

Organizations are advised to follow vendor mitigation instructions and adhere to CISA's guidance for vulnerability management. Additional resources, including the catalog in CSV and JSON formats, are available for users.

View Primary Source Via www.cisa.gov

Article by CyberSIXT

Timeline Coverage

Swipe to explore timeline