What is the CVSS score of CVE-2026-27305?

CVE-2026-27305 has a CVSS 3.1 base score of 8.6 (High). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N. EPSS exploitation probability: 0.1%.

Which versions of Coldfusion are affected by CVE-2026-27305?

CVE-2026-27305 is a critical path traversal vulnerability in Adobe ColdFusion 2023.18, 2025.6 and earlier that allows unauthenticated attackers to read arbitrary files from affected servers without…

How to fix or mitigate CVE-2026-27305?

Within 24 hours: Identify and inventory all ColdFusion 2023.18 and 2025.6 instances; restrict network access to ColdFusion administration and application ports using firewall rules or WAF policies; implement request filtering to block path traversal patterns (../, ..\ sequences). Within 7 days: Contact Adobe for patch availability and timeline; evaluate offline or air-gapped deployment options as interim measures; implement enhanced logging and monitoring for file access anomalies. Within 30 days: Apply vendor patch immediately upon release; conduct forensic review of access logs for unauthorized file read attempts; validate remediation across all affected instances.

Coldfusion CVE-2026-27305

EUVD-2026-22732 HIGH

Path Traversal (CWE-22)

2026-04-14 psirt@adobe.com

Path Traversal Coldfusion

8.6

CVSS 3.1 · NVD

Severity by source

NVD PRIMARY

8.6 HIGH

AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Changed

Confidentiality

High

Integrity

None

Availability

None

Lifecycle Timeline

Re-analysis Queued

Apr 16, 2026 - 14:52 vuln.today

cvss_changed

Analysis Generated

Apr 14, 2026 - 22:40 vuln.today

EUVD ID Assigned

Apr 14, 2026 - 22:22 euvd

EUVD-2026-22732

Analysis Generated

Apr 14, 2026 - 22:22 vuln.today

CVE Published

Apr 14, 2026 - 22:16 nvd

HIGH 8.6

DescriptionCVE.org

ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to arbitrary file system read. An attacker could exploit this vulnerability to access sensitive files and directories outside the intended access scope. Exploitation of this issue does not require user interaction.

AnalysisAI

Path traversal in Adobe ColdFusion 2023.18, 2025.6 and earlier enables unauthenticated remote attackers to read arbitrary files from the server file system without user interaction. The vulnerability carries a CVSS score of 8.6 (High) due to network accessibility, low complexity, and scope change, allowing access to sensitive files and directories beyond intended boundaries. …

Unlock full vulnerability intelligence

Risk assessment & exploitation conditions
Attack chain visualization
Remediation with exact patch versions
Threat intelligence from 22 sources
Personal watchlist & email alerts

Continue with Google Continue with GitHub

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access

Identify exposed ColdFusion endpoint

Delivery

Craft path traversal payload in HTTP parameter

Exploit

Send malicious request to vulnerable application

Execution

Application processes unsanitized file path

Persist

ColdFusion reads arbitrary file

Impact

Attacker receives sensitive file contents

Access

Identify exposed ColdFusion endpoint

Delivery

Craft path traversal payload in HTTP parameter

Exploit

Send malicious request to vulnerable application

Execution

Application processes unsanitized file path

Persist

ColdFusion reads arbitrary file

Impact

Attacker receives sensitive file contents

Vulnerability AssessmentAI

Exploitation	Remote unauthenticated attacker against Adobe ColdFusion versions 2023.18, 2025.6 and earlier. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment	This vulnerability presents significant real-world risk for internet-facing ColdFusion deployments. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario	An unauthenticated remote attacker identifies a publicly accessible ColdFusion application server and crafts HTTP requests containing path traversal sequences (such as ../../../../etc/passwd or ..\..\..\..\windows\system32\config\sam) in vulnerable parameters. The ColdFusion application processes these malicious paths without proper validation, allowing the attacker to read arbitrary files within the permissions scope of the ColdFusion process. …
Remediation	Apply the security updates provided in Adobe Security Bulletin APSB26-38 immediately, prioritizing internet-facing ColdFusion installations. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Identify and inventory all ColdFusion 2023.18 and 2025.6 instances; restrict network access to ColdFusion administration and application ports using firewall rules or WAF policies; implement request filtering to block path traversal patterns (../, ..\ sequences). …

Threat intelligence, references, and detailed analysis are available after sign-in.

CVE-2026-27305 vulnerability details – vuln.today

Back

Coldfusion CVE-2026-27305

Severity by source

CVSS VectorNVD

Lifecycle Timeline

DescriptionCVE.org

AnalysisAI

Unlock full vulnerability intelligence

Attack ChainAIDerived

Vulnerability AssessmentAI

Recommended ActionAI

Share

External POC / Exploit Code