CVE-2026-56291: Unrestricted File Upload in Balbooa Forms for Joomla (KEV)
CVE-2026-56291 is a KEV-listed unrestricted file upload flaw in Balbooa Forms for Joomla, letting attackers upload web shells for RCE. Our detection ships across Sentinel, Splunk, Elastic, QRadar, Sumo Logic, Chronicle, and CrowdStrike.