logo

Adobe Patches 7 CVSS 10.0 Flaws in ColdFusion and Campaign Classic

ID: 70eafcad-f3b6-5249-8b18-262078173534

STIX ID: report--70eafcad-f3b6-5249-8b18-262078173534

Feed Name: The Hacker News

Threat Score
80/100

Date Published: 2026-07-01

Date Updated: 2026-07-01

Author: [email protected] (The Hacker News)

...
...

Adobe released security updates addressing multiple maximum-severity vulnerabilities in ColdFusion and Adobe Campaign Classic (several CVEs, many with CVSS 10.0) that could enable arbitrary code execution, privilege escalation, path traversal and arbitrary file-system reads; fixes are in ColdFusion 2023 Update 21 / 2025 Update 10 and Campaign ACC v7:7.4.3 build 9397, Adobe reports no observed exploitation and is moving to twice-monthly security bulletins due to accelerated AI-driven vulnerability discovery.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.