BleepingComputer ·EN-US News source Patch releasedColdFusionAdobe Campaign Classic
Adobe patches seven max severity ColdFusion, Campaign flaws
CVE Tools coverage
Adobe has released updates addressing seven maximum-severity vulnerabilities across its ColdFusion web application platform and Adobe Campaign Classic marketing automation product. The ColdFusion issues (CVE-2026-48276, CVE-2026-48277, CVE-2026-48281, CVE-2026-48316, and CVE-2026-48282) affect ColdFusion versions 2025.9, 2023.20 and earlier and could enable remote code execution without user interaction or special privileges. A Campaign Classic flaw (CVE-2026-48286) affecting versions 7.4.3 build 9396 and earlier can allow arbitrary code execution in the context of the current user, and Adobe notes it impacts only on-premises instances.