Insufficient Session Expiration Vulnerability in ColdFusion by Adobe
CVE-2026-48329
2.7LOW
What is CVE-2026-48329?
Adobe ColdFusion contains a vulnerability related to insufficient session expiration, enabling a high-privileged attacker to bypass security features. This issue can lead to unauthorized write access without requiring user interaction, posing significant risks to application integrity and data confidentiality.
Affected Version(s)
ColdFusion 2023 0 <= 21
ColdFusion 2023 0 <= 21
ColdFusion 2025 0 <= 10