COOEY // HUBcompliance · community · intelligence

Exposures › CVE-2026-56291

CVE-2026-56291

Severity
high · on CISA KEV actively exploited
Source
CISA-KEV · kev
Published
2026-07-10
Reference
https://nvd.nist.gov/vuln/detail/CVE-2026-56291
⚡ RCE ⌖ exploited in the wild shame 85/100 rceexploited-in-wildunpatchedransomwaresupply-chain

Balbooa Forms allows unauthenticated arbitrary file upload leading to full RCE.

This vulnerability enables unauthenticated attackers to upload executable files to Balbooa Forms, resulting in full remote code execution. DIB organizations must ensure no unauthenticated upload endpoints exist in their supply chain to prevent ransomware or data exfiltration via compromised vendor services.

Shame score — Unauthenticated RCE via file upload is a critical, avoidable supply-chain failure that directly violates FedRAMP and CMMC requirements for secure upload mechanisms.

Players implicated

Balbooa · vendorForms · product

Description

Balbooa Forms contains an unrestricted upload of file with dangerous type vulnerability that allows an unauthenticated arbitrary file upload which could allow uploading of executable files leading to full RCE.

Affected FedRAMP products 0 in the catalog

No correlated FedRAMP products.