Improper Input Validation in ColdFusion by Adobe
CVE-2026-48316
10CRITICAL
What is CVE-2026-48316?
ColdFusion versions 2025.9 and 2023.20 are vulnerable to improper input validation, which may allow attackers to execute arbitrary code without requiring user interaction. This severity of this risk emphasizes the need for immediate attention by organizations using the affected versions. To protect sensitive information and system integrity, it is crucial to apply the latest security updates provided by Adobe.
Affected Version(s)
ColdFusion 0 <= 2023.20