Improper Input Validation in ColdFusion by Adobe
CVE-2025-61809
9.1CRITICAL
What is CVE-2025-61809?
ColdFusion versions 2025.4, 2023.16, and 2021.22 are vulnerable to an improper input validation that allows attackers to bypass security measures, potentially leading to unauthorized read and write access. This exploitation does not require any interaction from users, making it particularly dangerous as it could be executed without their knowledge.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
ColdFusion 0 <= 2021.22
References
CVSS V3.1
Score:
9.1
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved