CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

1111 matches found

GithubExploit•added 2026/05/16 7:0 p.m.•55 views

Exploit for Improper Access Control in Adobe Coldfusion

CVE-2023-26360 — Adobe ColdFusion Unauthenticated RCE Python...

9.8CVSS8.2AI score0.9433EPSS

Zero Day Initiative•added 2026/04/15 12:0 a.m.•8 views

Adobe ColdFusion deleteVersion Directory Traversal Arbitrary File Deletion Vulnerability

This vulnerability allows remote attackers to delete arbitrary files on affected installations of Adobe ColdFusion. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the deleteVersion method. T...

5.4CVSS6.1AI score0.0008EPSS

Exploits0References1

Zero Day Initiative•added 2026/04/15 12:0 a.m.•4 views

Adobe ColdFusion subscribeToEndpoints Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of Adobe ColdFusion. Authentication is not required to exploit this vulnerability. The specific flaw exists within the subscribeToEndpoints method. The issue results from a missing critical step during...

6.5CVSS5.8AI score0.00565EPSS

Exploits0References1

CNNVD•added 2026/04/14 12:0 a.m.•3 views

Adobe ColdFusion 输入验证错误漏洞

Adobe ColdFusion is a rapid application development platform provided by Adobe Inc. This platform includes an integrated development environment and a scripting language. The version Adobe ColdFusion 2023.18, as well as versions prior to 2025.6, have a vulnerability related to input validation...

8.4CVSS6.2AI score0.00138EPSS

Exploits0References1

CNNVD•added 2026/04/14 12:0 a.m.•3 views

Adobe ColdFusion 输入验证错误漏洞

Adobe ColdFusion is a rapid application development platform provided by Adobe Inc. This platform includes an integrated development environment and a scripting language. The version Adobe ColdFusion 2023.18, as well as versions prior to 2025.6, have a vulnerability related to input validation...

7.5CVSS6.7AI score0.00565EPSS

Exploits0References1

CNNVD•added 2026/04/14 12:0 a.m.•2 views

Adobe ColdFusion 资源管理错误漏洞

Adobe ColdFusion is a rapid application development platform provided by Adobe Inc. This platform includes an integrated development environment and a scripting language. Versions of Adobe ColdFusion such as 2023.18, 2025.6, and earlier have a resource management vulnerability. This vulnerability...

2.4CVSS5.8AI score0.00032EPSS

Exploits0References1

CNNVD•added 2026/04/14 12:0 a.m.•2 views

Adobe ColdFusion 输入验证错误漏洞

Adobe ColdFusion is a rapid application development platform provided by Adobe Inc. This platform includes an integrated development environment and a scripting language. The version Adobe ColdFusion 2023.18, as well as versions prior to 2025.6, have a vulnerability related to input validation...

9.3CVSS6.2AI score0.00098EPSS

Exploits0References1

Adobe•added 2026/04/14 12:0 a.m.•16 views

APSB26-38 : Security update available for Adobe ColdFusion

Adobe has released security updates for ColdFusion versions 2025 and 2023. These updates resolves critical and moderate vulnerabilities that could lead to arbitrary code execution, application denial-of-service, arbitrary file system read, and security feature bypass...

CNNVD•added 2026/04/14 12:0 a.m.•3 views

Adobe ColdFusion 资源管理错误漏洞

Adobe ColdFusion is a rapid application development platform provided by Adobe Inc. This platform includes an integrated development environment and a scripting language. Versions of Adobe ColdFusion such as 2023.18, 2025.6, and earlier have a resource management vulnerability. This vulnerability...

2.4CVSS5.8AI score0.00032EPSS

Exploits0References1

CNNVD•added 2026/04/14 12:0 a.m.•4 views

Adobe ColdFusion 路径遍历漏洞

Adobe ColdFusion is a rapid application development platform provided by Adobe Inc. This platform includes an integrated development environment and a scripting language. The versions of Adobe ColdFusion from 2023.18 onwards, as well as those before 2025.6, have a path traversal vulnerability. Th...

8.6CVSS7.4AI score0.00074EPSS

Exploits0References1

CNNVD•added 2026/04/14 12:0 a.m.•2 views

Adobe ColdFusion 路径遍历漏洞

Adobe ColdFusion is a rapid application development platform provided by Adobe Inc. This platform includes an integrated development environment and a scripting language. Versions of Adobe ColdFusion prior to 2023.18 and 2025.6 have a path traversal vulnerability. This vulnerability stems from a...

7.7CVSS6.2AI score0.0008EPSS

Exploits0References1

Zero Day Initiative•added 2026/02/06 12:0 a.m.•3 views

Adobe ColdFusion CAR File Parsing Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe ColdFusion. Authentication is required to exploit this vulnerability. The specific flaw exists within the parsing of CAR files. The issue results from the lack of proper validation of a...

7.2CVSS6.1AI score0.00302EPSS

Exploits0References1

Tenable Nessus•added 2026/01/15 12:0 a.m.•4 views

Adobe ColdFusion < 2023.x < 2023u18 / 2025.x < 2025u6 RCE (APSB26-12)

The version of Adobe ColdFusion installed on the remote Windows host is prior to 2023.x update 18 or 2025.x update 6. It is, therefore, affected by a vulnerability in the bundled Apache Tika dependency that could lead to arbitrary code execution. Note that Nessus has not tested for this issue but...

9.8CVSS7.5AI score0.01579EPSS

Exploits5References2

Adobe•added 2026/01/13 12:0 a.m.•39 views

APSB26-12 : Security update available for Adobe ColdFusion

Adobe has released security updates for ColdFusion versions 2025 and 2023. These dependency update resolves a critical vulnerability that could lead to arbitrary code execution...

VulnCheck KEV•added 2025/12/26 12:0 a.m.•3 views

VulnCheck KEV: CVE-2023-44352

Adobe ColdFusion versions 2023.5 and earlier and 2021.11 and earlier are affected by a reflected Cross-Site Scripting XSS vulnerability. If an unauthenticated attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within th...

6.1CVSS5.7AI score0.78863EPSS

In wildExploits0References2

CNVD•added 2025/12/15 12:0 a.m.•2 views

Adobe ColdFusion XML External Entity References Improperly Restricted Vulnerability (CNVD-2026-0494343)

Adobe ColdFusion is a dynamic Web server platform and application development framework maintained by Adobe for rapidly building and deploying data-driven dynamic Web sites, Web applications, and enterprise-class services. Adobe ColdFusion suffers from an improperly restricted XML external entity...

8.6CVSS6AI score0.00042EPSS

Exploits0References1

CNVD•added 2025/12/15 12:0 a.m.•1 views

Adobe ColdFusion XML External Entity References Improperly Restricted Vulnerability (CNVD-2026-0494441)

Adobe ColdFusion is a dynamic Web server platform and application development framework maintained by Adobe for rapidly building and deploying data-driven dynamic Web sites, Web applications, and enterprise-class services. Adobe ColdFusion suffers from an improperly restricted XML external entity...

8.6CVSS6AI score0.00042EPSS

Exploits0References1

CNVD•added 2025/12/15 12:0 a.m.•4 views

Adobe ColdFusion Credential Protection Insufficiency Vulnerability

Adobe ColdFusion is a dynamic Web server platform and application development framework maintained by Adobe for rapidly building and deploying data-driven dynamic Web sites, Web applications, and enterprise-class services. Adobe ColdFusion suffers from an insufficiently protected credentials...

5.3CVSS5.9AI score0.0005EPSS

Exploits0References1

CNVD•added 2025/12/15 12:0 a.m.•2 views

Adobe ColdFusion Improper Access Control Vulnerability

Adobe ColdFusion is a dynamic Web server platform and application development framework maintained by Adobe for rapidly building and deploying data-driven dynamic Web sites, Web applications, and enterprise-class services. An improper access control vulnerability exists in Adobe ColdFusion, which...

5.6CVSS5.9AI score0.0004EPSS

Exploits0References1

CNVD•added 2025/12/15 12:0 a.m.•4 views

Adobe ColdFusion XML External Entity References Improperly Restricted Vulnerability

Adobe ColdFusion is a dynamic Web server platform and application development framework maintained by Adobe for rapidly building and deploying data-driven dynamic Web sites, Web applications, and enterprise-class services. Adobe ColdFusion suffers from an improperly restricted XML external entity...

6.2CVSS6AI score0.00044EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by