CVE-2026-21627 — The vulnerability was rooted in how the Tassos Framework plugin handled specific AJAX requests through Joomla’s com_ajax entry point. Under certain conditions, internal framework functionality could b — CVE Database · The Intelligence Room