www.securityweek.com 7/7/2026, 12:58:48 PM · external

Adobe ColdFusion flaw CVE-2026-48282 exploited hours after patch

Adobe ColdFusion flaw CVE-2026-48282 exploited hours after patch
CyberSIXT Evidence Panel
Primary Source helpx.adobe.com
CVE Intel
CISA KEV Not in KEV
Patch Patch Available

A recently patched vulnerability in Adobe ColdFusion, labeled CVE-2026-48282 with a CVSS score of 10/10, is being actively exploited by threat actors. The vulnerability, which allows for path traversal and arbitrary code execution, was addressed in updates released on June 30. Adobe has not confirmed any known exploits, but researchers observed exploitation attempts starting within two hours post-disclosure.

Cybersecurity experts highlight the shrinking time frame for organizations to apply necessary patches, stressing the need for rapid identification of vulnerabilities and effective risk management practices.

View Primary Source Via www.securityweek.com

Article by CyberSIXT

Timeline Coverage

Swipe to explore timeline