- Description
- ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Unrestricted Upload of File with Dangerous Type vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed.
- Source
- psirt@adobe.com
- NVD status
- Analyzed
- Products
- coldfusion
CVSS 3.1
- Type
- Secondary
- Base score
- 10
- Impact score
- 6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
- Severity
- CRITICAL
- psirt@adobe.com
- CWE-434
- Hype score
- Not currently trending
Adobe ColdfusionでCVSSスコア10の脆弱性6件が修正。6/30に11件の脆弱性が修正されたうちの一部。無制限のファイルアップロードCVE-2026-48276及びCVE-2026-48283、入力検証不備CVE-2026-48277、CVE-2026-48281、CVE-2026-48316、パスト
@__kokumoto
30 Jun 2026
760 Impressions
1 Retweet
5 Likes
1 Bookmark
0 Replies
0 Quotes
ARETIQ Daily Vulnerability Bulletin — June 30, 2026 🟣 EMERGENCY: CVE-2026-48282 (adobe/coldfusion) AAS 16.3 🟣 EMERGENCY: CVE-2026-48281 (adobe/coldfusion) AAS 16.3 🟣 EMERGENCY: CVE-2026-48283 (adobe/coldfusion) AAS 16.3 🟣 EMERGENCY: CVE-2026-48277 (adobe/coldfusion
@AretiqAI
30 Jun 2026
621 Impressions
1 Retweet
11 Likes
2 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:coldfusion:2023:-:*:*:*:*:*:*",
"matchCriteriaId": "B02A37FE-5D31-4892-A3E6-156A8FE62D28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:coldfusion:2023:update1:*:*:*:*:*:*",
"matchCriteriaId": "0AA3D302-CFEE-4DFD-AB92-F53C87721BFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:coldfusion:2023:update10:*:*:*:*:*:*",
"matchCriteriaId": "645D1B5F-2DAB-4AB8-A465-AC37FF494F95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:coldfusion:2023:update11:*:*:*:*:*:*",
"matchCriteriaId": "ED6D8996-0770-4C9F-BEA5-87EA479D40A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:coldfusion:2023:update12:*:*:*:*:*:*",
"matchCriteriaId": "4836086E-3D4A-4A07-A372-382D385CB490",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:coldfusion:2023:update13:*:*:*:*:*:*",
"matchCriteriaId": "CBC19168-4184-4B59-B9C8-E98844124EED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:coldfusion:2023:update14:*:*:*:*:*:*",
"matchCriteriaId": "A60DCD92-9A5B-411C-9554-642C91D77FAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:coldfusion:2023:update15:*:*:*:*:*:*",
"matchCriteriaId": "58CC65EF-60A3-4DFA-AA51-E5013F116CEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:coldfusion:2023:update16:*:*:*:*:*:*",
"matchCriteriaId": "2E3EBFB1-4488-4924-A2E2-B7E422D68345",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:coldfusion:2023:update17:*:*:*:*:*:*",
"matchCriteriaId": "A683F9B2-A0DC-4AA0-BE97-9E74FA200AB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:coldfusion:2023:update18:*:*:*:*:*:*",
"matchCriteriaId": "8689F35F-9A81-45D2-B782-DBA12306BA45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:coldfusion:2023:update19:*:*:*:*:*:*",
"matchCriteriaId": "5FAA5985-4B25-46C5-8064-0713AB251704",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:coldfusion:2023:update2:*:*:*:*:*:*",
"matchCriteriaId": "EB88D4FE-5496-4639-BAF2-9F29F24ABF29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:coldfusion:2023:update20:*:*:*:*:*:*",
"matchCriteriaId": "9E3884AF-7A1A-4604-B653-6694B7BD1E86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:coldfusion:2023:update3:*:*:*:*:*:*",
"matchCriteriaId": "43E0ED98-2C1F-40B8-AF60-FEB1D85619C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:coldfusion:2023:update4:*:*:*:*:*:*",
"matchCriteriaId": "76204873-C6E0-4202-8A03-0773270F1802",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:coldfusion:2023:update5:*:*:*:*:*:*",
"matchCriteriaId": "C1A22BE9-0D47-4BA8-8BDB-9B12D7A0F7C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:coldfusion:2023:update6:*:*:*:*:*:*",
"matchCriteriaId": "E3A83642-BF14-4C37-BD94-FA76AABE8ADC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:coldfusion:2023:update7:*:*:*:*:*:*",
"matchCriteriaId": "A892E1DC-F2C8-4F53-8580-A2D1BEED5A25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:coldfusion:2023:update8:*:*:*:*:*:*",
"matchCriteriaId": "DB97ADBA-C1A9-4EE0-9509-68CB12358AE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:coldfusion:2023:update9:*:*:*:*:*:*",
"matchCriteriaId": "E17C38F0-9B0F-4433-9CBD-6E3D63EA9BDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:coldfusion:2025:-:*:*:*:*:*:*",
"matchCriteriaId": "30779417-D4E5-4A01-BE0E-1CE1D134292A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:coldfusion:2025:update1:*:*:*:*:*:*",
"matchCriteriaId": "80D7FC6A-F264-4CB1-A18D-B091EBA47882",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:coldfusion:2025:update2:*:*:*:*:*:*",
"matchCriteriaId": "E3DA0D20-93BA-4C76-A400-159853CD7277",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:coldfusion:2025:update3:*:*:*:*:*:*",
"matchCriteriaId": "5BAB6F21-61F1-43AB-88BA-553CD9AD6C0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:coldfusion:2025:update4:*:*:*:*:*:*",
"matchCriteriaId": "C85288B9-5D63-49EA-828A-8DB3BB2367F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:coldfusion:2025:update5:*:*:*:*:*:*",
"matchCriteriaId": "3882A011-5A01-48E7-B5E7-5A837B1CE245",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:coldfusion:2025:update6:*:*:*:*:*:*",
"matchCriteriaId": "AACCE621-3380-4144-BA1B-AA26FE96B902",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:coldfusion:2025:update7:*:*:*:*:*:*",
"matchCriteriaId": "EBC62370-3FA2-4AF7-A201-4155D09051F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:coldfusion:2025:update8:*:*:*:*:*:*",
"matchCriteriaId": "D7616F34-9422-4815-806F-4484F68ED2A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:coldfusion:2025:update9:*:*:*:*:*:*",
"matchCriteriaId": "FB078BC9-164F-46D0-99F8-086F93FF2046",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]