Critical severityNVD Advisory· Published Feb 20, 2026· Updated Apr 15, 2026
CVE-2026-21627
CVE-2026-21627
Description
The vulnerability was rooted in how the Tassos Framework plugin handled specific AJAX requests through Joomla’s com_ajax entry point. Under certain conditions, internal framework functionality could be invoked without proper restriction.
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- tassos.grnvd
News mentions
0No linked articles in our index yet.