CVE-2026-48901
The InputFilter::getInstance() method omitted a security sensitive parameter from the instance cache key.
More information : https://developer.joomla.org/security-centre/1049-20260517-core-incorrect-cache-key-construction-for-inputfilter-objects.html