Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now

ColdFusion — Vulnerabilities & Security Advisories 117

All 117 CVE vulnerabilities found in ColdFusion, with AI-generated Chinese analysis, references, and POCs.

Vendor: Adobe

CVE IDTitleCVSSSeverityPaused
CVE-2026-34619 ColdFusion | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22) CWE-22 7.7 High2026-04-14
CVE-2026-27308 ColdFusion | Uncontrolled Resource Consumption (CWE-400) CWE-400 2.4 Low2026-04-14
CVE-2026-27282 ColdFusion | Improper Input Validation (CWE-20) CWE-20 7.5 High2026-04-14
CVE-2026-27305 ColdFusion | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22) CWE-22 8.6 High2026-04-14
CVE-2026-27304 ColdFusion | Improper Input Validation (CWE-20) CWE-20 9.3 Critical2026-04-14
CVE-2026-27306 ColdFusion | Improper Input Validation (CWE-20) CWE-20 8.4 High2026-04-14
CVE-2026-27307 ColdFusion | Uncontrolled Resource Consumption (CWE-400) CWE-400 2.4 Low2026-04-14
CVE-2025-61808 ColdFusion | Unrestricted Upload of File with Dangerous Type (CWE-434) CWE-434 9.1 Critical2025-12-09
CVE-2025-61813 ColdFusion | Improper Restriction of XML External Entity Reference ('XXE') (CWE-611) CWE-611 8.2 High2025-12-09
CVE-2025-61812 ColdFusion | Improper Input Validation (CWE-20) CWE-20 8.4 High2025-12-09
CVE-2025-64898 ColdFusion | Insufficiently Protected Credentials (CWE-522) CWE-522 4.3 Medium2025-12-09
CVE-2025-61821 ColdFusion | Improper Restriction of XML External Entity Reference ('XXE') (CWE-611) CWE-611 6.8 Medium2025-12-09
CVE-2025-61810 ColdFusion | Deserialization of Untrusted Data (CWE-502) CWE-502 8.4 High2025-12-09
CVE-2025-61809 ColdFusion | Improper Input Validation (CWE-20) CWE-20 9.1 Critical2025-12-09
CVE-2025-61822 ColdFusion | Improper Input Validation (CWE-20) CWE-20 6.2 Medium2025-12-09
CVE-2025-64897 ColdFusion | Improper Access Control (CWE-284) CWE-284 5.6 Medium2025-12-09
CVE-2025-61823 ColdFusion | Improper Restriction of XML External Entity Reference ('XXE') (CWE-611) CWE-611 6.2 Medium2025-12-09
CVE-2025-61811 ColdFusion | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22) CWE-22 9.1 Critical2025-12-09
CVE-2025-54261 ColdFusion | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22) CWE-22 10.0 Critical2025-09-09
CVE-2025-54234 ColdFusion | Server-Side Request Forgery (SSRF) (CWE-918) CWE-918 2.7 Low2025-08-18
CVE-2025-49542 ColdFusion | Cross-site Scripting (Reflected XSS) (CWE-79) CWE-79 5.2 Medium2025-07-08
CVE-2025-49535 ColdFusion | Improper Restriction of XML External Entity Reference ('XXE') (CWE-611) CWE-611 9.3 Critical2025-07-08
CVE-2025-49539 ColdFusion | Improper Restriction of XML External Entity Reference ('XXE') (CWE-611) CWE-611 4.5 Medium2025-07-08
CVE-2025-49536 ColdFusion | Incorrect Authorization (CWE-863) CWE-863 7.3 High2025-07-08
CVE-2025-49545 ColdFusion | Server-Side Request Forgery (SSRF) (CWE-918) CWE-918 6.2 Medium2025-07-08
CVE-2025-49541 ColdFusion | Cross-site Scripting (Stored XSS) (CWE-79) CWE-79 4.3 Medium2025-07-08
CVE-2025-49537 ColdFusion | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') (CWE-78) CWE-78 7.9 High2025-07-08
CVE-2025-49551 ColdFusion | Use of Hard-coded Credentials (CWE-798) CWE-798 8.8 High2025-07-08
CVE-2025-49546 ColdFusion | Improper Access Control (CWE-284) CWE-284 2.4 Low2025-07-08
CVE-2025-49544 ColdFusion | Improper Restriction of XML External Entity Reference ('XXE') (CWE-611) CWE-611 6.8 Medium2025-07-08

All 117 known CVE vulnerabilities affecting ColdFusion with full Chinese analysis, references, and POCs where available.