CVE-2026-47928

Published: Giu 09, 2026 Last Modified: Giu 09, 2026

ExploitDB:

Other exploit source:

Google Dorks:

CRITICAL 9,6

Source: [email protected]

Attack Vector: adjacent_network

Attack Complexity: low

Privileges Required: none

User Interaction: none

Scope: changed

Confidentiality: high

Integrity: high

Availability: high

Description

AI Translation Available

ColdFusion versions 2023.19, 2025.8 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed.

Improper Input Validation

Stable

Abstraction: Class Structure: Simple

Common Consequences

Security Scopes Affected:

Availability Confidentiality Integrity

Potential Impacts:

Dos: Crash, Exit, Or Restart Dos: Resource Consumption (Cpu) Dos: Resource Consumption (Memory) Read Memory Read Files Or Directories Modify Memory Execute Unauthorized Code Or Commands

Applicable Platforms

Technologies: AI/ML

Likelihood of Exploit: High

View CWE Details

https://helpx.adobe.com/security/products/coldfusion/apsb26…

https://helpx.adobe.com/security/products/coldfusion/apsb26-64.html

CVE-2026-47928

Description

Improper Input Validation

Common Consequences

Applicable Platforms

Iscriviti alla newsletter