The Hacker News AI Security ยท July 8, 2026

CISA Adds 4 Actively Exploited Adobe, Joomla, and Langflow Flaws to KEV

Why it matters

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added four security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerabilities are listed below - CVE-2026-48282 (CVSS score: 10.0) - A path traversal vulnerability in Adobe ColdFusio

My takeaway: CISA Adds 4 Actively Exploited Adobe, Joomla, and Langflow Flaws to KEV is a threat-intelligence signal. The practical read is to connect the incident back to AI-adjacent software, developer tooling, and automation paths that need ordinary security controls.