6 matches found
CVE-2026-2887
CVE-2026-2887 affects aardappel lobster up to 2025.4. The vulnerability is in the function lobster::TypeName within lib dev/src/lobster/idents.h, causing uncontrolled recursion. Exploitation is local and publicly disclosed. A fix is available in version 2026.1; patch name 8ba49f98ccfc9734ef352146...
CVE-2025-64897
ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are affected by an Improper Access Control vulnerability. A low privileged attacker could leverage this vulnerability to bypass security measures and gain limited unauthorized write access potentially resulting in denial of service...
Adobe ColdFusion 访问控制错误漏洞
Adobe ColdFusion is a suite of rapid application development platforms from the American company Audobee Adobe. The platform includes an integrated development environment and a scripting language. An Access Control Error vulnerability exists in Adobe ColdFusion versions 2025.4, 2023.16, 2021.22,...
CVE-2025-61821 ColdFusion | Improper Restriction of XML External Entity Reference ('XXE') (CWE-611)
ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are affected by an Improper Restriction of XML External Entity Reference 'XXE' vulnerability that could lead to arbitrary file system read. An attacker could exploit this vulnerability to access sensitive files and data on the server. Explo...
CVE-2025-61823 ColdFusion | Improper Restriction of XML External Entity Reference ('XXE') (CWE-611)
ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are affected by an Improper Restriction of XML External Entity Reference 'XXE' vulnerability that could lead to arbitrary file system read. A high privileged attacker could exploit this vulnerability to access sensitive files and data on th...
PT-2025-50282
Name of the Vulnerable Software and Affected Versions ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier Description An improper input validation issue exists in ColdFusion that could allow an attacker to bypass security measures and gain unauthorized read and write access. Exploitation of...