THREAT OPS › CVEs › CVE-2026-48282
CVE-2026-48282 — Adobe ColdFusion Path Traversal Vulnerability
Adobe ColdFusion contains a path traversal vulnerability that could lead to arbitrary code execution in the context of the current user.
Vulnerability details
- Affected productsColdFusion
- KEV remediation due2026-07-10
Related reporting
- CISA Adds 4 Actively Exploited Adobe, Joomla, and Langflow Flaws to KEVthehackernews
- Adobe security advisory (AV26-647) – Update 2cccs_ca
- It’s 37oC, And All We Can Think About Is ColdFusion (Adobe ColdFusion Security Bulletin APSB26-68 CVE Bonanza)watchtowr
- CVE-2026-48282: Mitigating a Critical Vulnerability in Adobe ColdFusionakamai_blog
- CISA Adds One Known Exploited Vulnerability to Catalogcisa_advisories
- [CISA KEV] CVE-2026-48282 — Adobe ColdFusion: Adobe ColdFusion Path Traversal Vulnerabilitycisa_kev
- Maximum-Severity Adobe ColdFusion Flaw Exploited Within Hours of Disclosureorca_security