HighCVENVD — high/critical CVEs (rolling 7d)· 14 Apr 2026

CVE-2026-27305 — ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Improper Lim…

Severity: High · Kind: Vulnerability

Plain-English summary on the way

We've ingested this item but haven't summarised it yet. Read the upstream advisory using the link below in the meantime — the AI summary will appear here once the next run completes.

From the source

ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to arbitrary file system read. An attacker could exploit this vulnerability to access sensitive files and directories outside the intended access scope. Exploitation of this issue does not require user interaction.

Vulnerability facts

CVE: CVE-2026-27305
CVSS: 8.6

Read the original advisory →← All threat intel

Was this useful?

00000Sign in to react

Plain-English summaries are AI-generated and reviewed for tone, not technical accuracy. For incident response, always rely on the original source linked above.