Joomla Latest High & Critical Vulnerabilities
Latest High & Critical vulnerabilities published by joomla
Vulnerability Published:
ποΈ Published
- Anytime
Sort By:
ποΈ Published Date
- Descending
Two-Factor Authentication Bypass in Joomla Core
CVE-2026-48896JoomlaJoomla! Cms8.2HIGHLocal File Inclusion Vulnerability in Joomla Products by Joomla
CVE-2026-40383JoomlaJoomla! Cms7.5HIGH2FA Bypass Vulnerability in Joomla Core Authentication
CVE-2026-48897JoomlaJoomla! Cms8.2HIGHImproper Access Control in Joomlaβs Configuration Webservice
CVE-2026-35223JoomlaJoomla! Cms8.6HIGHPrivilege Escalation Vulnerability in Joomla! Webservice Endpoint
CVE-2026-48904JoomlaJoomla! Cms8.2HIGHPrivilege Escalation Vulnerability in Joomla's User Management Component
CVE-2026-48898JoomlaJoomla! Cms8.2HIGHArbitrary File Deletion Flaw in Joomlaβs Update Mechanism
CVE-2026-23898JoomlaJoomla! Cms8.6HIGHImproper Access Check in Joomla's Webservice Endpoints
CVE-2026-23899JoomlaJoomla! Cms8.6HIGHSQL Injection Vulnerability in Joomla Database Package
CVE-2025-25226JoomlaJoomla! Framework9.8CRITICALAuthentication Bypass in Joomla Core Multifactor Authentication
CVE-2025-25227JoomlaJoomla! Cms7.5HIGHArbitrary File Extension Vulnerability in Joomla Media Manager
CVE-2025-22213JoomlaJoomla! Cms7.1HIGHCache Poisoning Vulnerability in Pagination
CVE-2024-27185JoomlaJoomla! Cms9.1CRITICAL[20231101] - Core - Exposure of environment variables
CVE-2023-40626JoomlaJoomla! CmsπΎπ‘7.5HIGH[20230502] - Core - Bruteforce prevention within the mfa screen
CVE-2023-23755JoomlaJoomla! Cms7.5HIGH[20220301] - Core - Zip Slip within the Tar extractor
CVE-2022-23793JoomlaJoomla! Cms7.5HIGH[20220303] - Core - User row are not bound to a authentication mechanism
CVE-2022-23795JoomlaJoomla! Cms9.8CRITICAL[20220305] - Core - Inadequate filtering on the selected Ids
CVE-2022-23797JoomlaJoomla! Cms9.8CRITICAL[20220307] - Core - Variable Tampering on JInput $_REQUEST data
CVE-2022-23799JoomlaJoomla! Cms9.8CRITICAL[20210801] - Core - Insufficient access control for com_media deletion endpoint
CVE-2021-26040JoomlaJoomla! Cms9.1CRITICAL[20210702] - Core - DoS through usergroup table manipulation
CVE-2021-26036JoomlaJoomla! Cms7.5HIGH[20210704] - Core - Privilege escalation through com_installer
CVE-2021-26038JoomlaJoomla! Cms7.5HIGHInformation Disclosure Vulnerability in Joomla! Core by Joomla
CVE-2010-1432JoomlaJoomla7.5HIGHArbitrary File Upload Vulnerability in Joomla! Core by Joomla
CVE-2010-1433JoomlaJoomla9.8CRITICALSession Fixation Vulnerability in Joomla! Core by Joomla
CVE-2010-1434JoomlaJoomla7.5HIGHSecurity Bypass Vulnerability in Joomla! Core by Joomla
CVE-2010-1435JoomlaJoomla9.8CRITICAL