CVE Tools
Back to feed
BleepingComputer ·EN-US News source Patch releasedColdFusionAdobe Campaign Classic

Adobe patches seven max severity ColdFusion, Campaign flaws

By Sergiu Gatlan··2 min read
CVE Tools coverage

Adobe has released updates addressing seven maximum-severity vulnerabilities across its ColdFusion web application platform and Adobe Campaign Classic marketing automation product. The ColdFusion issues (CVE-2026-48276, CVE-2026-48277, CVE-2026-48281, CVE-2026-48316, and CVE-2026-48282) affect ColdFusion versions 2025.9, 2023.20 and earlier and could enable remote code execution without user interaction or special privileges. A Campaign Classic flaw (CVE-2026-48286) affecting versions 7.4.3 build 9396 and earlier can allow arbitrary code execution in the context of the current user, and Adobe notes it impacts only on-premises instances.