Improper Input Validation in Adobe ColdFusion Software
CVE-2026-47930

8.1HIGH

Key Information:

Vendor

Adobe

Vendor
CVE Published:
9 June 2026

What is CVE-2026-47930?

Adobe ColdFusion versions 2023.19, 2025.8, and earlier are impacted by an improper input validation issue that may allow a low-privileged attacker to circumvent existing security features. This vulnerability enables unauthorized read and write access without requiring user interaction, thereby posing a significant risk to the integrity and confidentiality of sensitive data.

Affected Version(s)

ColdFusion 0 <= 2025.8

References

CVSS V3.1

Score:
8.1
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.