ADOBE has issued security updates for ColdFusion and Campaign Classic, addressing multiple critical vulnerabilities, including seven maximum-severity flaws with a CVSS score of 10.0. These vulnerabilities could lead to remote code execution, privilege escalation, or unauthorized file access. Key vulnerabilities include CVE-2026-48276, CVE-2026-48283, CVE-2026-48277, CVE-2026-48281, CVE-2026-48282, and CVE-2026-48313, among others. Adobe recommends immediate application of these updates to mitigate risks.
The updates also resolve an authorization weakness in Campaign Classic affecting on-premises deployments. No current active exploits of these vulnerabilities have been reported.