- EPSS 1.4%
- Veröffentlicht 06.07.2026 16:13:57
- Zuletzt bearbeitet 09.07.2026 17:19:22
ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction....
CVE-2026-48315
- EPSS 0.55%
- Veröffentlicht 30.06.2026 15:12:03
- Zuletzt bearbeitet 01.07.2026 05:16:22
ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. An attacker could exploit this vulnerability to inject malici...
- EPSS 0.86%
- Veröffentlicht 30.06.2026 15:12:02
- Zuletzt bearbeitet 01.07.2026 05:16:21
ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction....
- EPSS 0.86%
- Veröffentlicht 30.06.2026 15:12:01
- Zuletzt bearbeitet 01.07.2026 18:16:33
ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction....
CVE-2026-48285
- EPSS 0.44%
- Veröffentlicht 30.06.2026 15:12:00
- Zuletzt bearbeitet 30.06.2026 20:40:40
ColdFusion versions 2025.9, 2023.20 and earlier are affected by a Server-Side Request Forgery (SSRF) vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unau...
CVE-2026-48313
- EPSS 1.58%
- Veröffentlicht 30.06.2026 15:12:00
- Zuletzt bearbeitet 30.06.2026 20:44:52
ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to arbitrary file system read and limited write access. An attacker could ...
CVE-2026-48307
- EPSS 0.31%
- Veröffentlicht 30.06.2026 15:11:59
- Zuletzt bearbeitet 01.07.2026 16:16:46
ColdFusion versions 2025.9, 2023.20 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this vulnerability to inject malicious scripts into a web page, potentially resulting in arbitrary code ex...
CVE-2026-48314
- EPSS 0.33%
- Veröffentlicht 30.06.2026 15:11:58
- Zuletzt bearbeitet 30.06.2026 20:44:25
ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerabil...
- EPSS 0.92%
- Veröffentlicht 30.06.2026 15:11:57
- Zuletzt bearbeitet 01.07.2026 18:16:32
ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Unrestricted Upload of File with Dangerous Type vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not req...
- EPSS 28.58%
- Veröffentlicht 30.06.2026 15:11:57
- Zuletzt bearbeitet 08.07.2026 14:58:28
ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to arbitrary code execution in the context of the current user. Exploitati...