Lucene search
K

7 matches found

Cvelist
Cvelist
added 4 hours ago8 views

CVE-2026-48316 ColdFusion | Improper Input Validation (CWE-20)

ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed...

10CVSS
Exploits0References1
NVD
NVD
added 6 days ago6 views

CVE-2026-48283

ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Unrestricted Upload of File with Dangerous Type vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed...

10CVSS0.0063EPSS
Exploits0References1
CVE
CVE
added 6 days ago13 views

CVE-2026-48281

CVE-2026-48281 affects Adobe ColdFusion versions 2025.9, 2023.20 and earlier. The issue is an Improper Input Validation vulnerability that could allow arbitrary code execution in the context of the current user, with no user interaction required. The CVSS vector indicates network access, low atta...

10CVSS6.4AI score0.00855EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 6 days ago35 views

CVE-2026-48281 ColdFusion | Improper Input Validation (CWE-20)

ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed...

10CVSS0.00855EPSS
Exploits0References1
CVE
CVE
added 6 days ago10 views

CVE-2026-48307

CVE-2026-48307 affects ColdFusion versions 2025.9, 2023.20 and earlier and is a reflected Cross-Site Scripting vulnerability (CWE-79). An attacker can inject malicious scripts into a web page, potentially leading to arbitrary code execution in the context of the current user. Exploitation require...

8.8CVSS6.4AI score0.00314EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 6 days ago32 views

CVE-2026-48282 ColdFusion | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22)

ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability that could lead to arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interactio...

10CVSS0.01021EPSS
Exploits2References1
Positive Technologies
Positive Technologies
added 6 days ago6 views

PT-2026-53903

Name of the Vulnerable Software and Affected Versions ColdFusion versions 2025.9 and 2023.20 and earlier Description An improper limitation of a pathname to a restricted directory, known as Path Traversal, allows for arbitrary code execution in the context of the current user. This issue can be...

10CVSS6.4AI score0.01021EPSS
Exploits2References16
Rows per page
Query Builder