logo

Adobe ColdFusion flaw CVE-2026-48282 now exploited in the wild

ID: 1ddca43e-9adc-56ae-9b76-fc3cf0ac33e6

STIX ID: report--1ddca43e-9adc-56ae-9b76-fc3cf0ac33e6

Feed Name: Security Affairs

Threat Score
85/100

Date Published: 2026-07-06

Date Updated: 2026-07-07

Author: Pierluigi Paganini

...
...

Attackers are actively exploiting CVE-2026-48282, a critical path-traversal vulnerability in Adobe ColdFusion (affecting ColdFusion 2025.9, 2023.20 and earlier) that allows unauthenticated remote code execution; exploitation began within two hours of public disclosure and activity was observed from IP 103.207.14.220, prompting urgent patching recommendations.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.