CVE-2026-27307

| EUVD-2026-22736 LOW
2026-04-14 [email protected]
Denial Of Service
2.4
CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
Attack Vector
Adjacent
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
Low

Lifecycle Timeline

1
Analysis Generated
Apr 14, 2026 - 22:43 vuln.today

DescriptionNVD

ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Uncontrolled Resource Consumption vulnerability that could lead to application denial-of-service. A high-privileged attacker could exploit this vulnerability and exhaust system resources, reducing application speed. Exploitation of this issue does not require user interaction.

AnalysisAI

ColdFusion versions 2023.18, 2025.6 and earlier are vulnerable to uncontrolled resource consumption that allows high-privileged attackers to trigger denial-of-service by exhausting system resources without user interaction. The CVSS score of 2.4 reflects low severity due to the high-privilege requirement (PR:H), though the attack vector is adjacent network access and does not require authentication once the attacker has elevated privileges.

Sign in for full analysis, threat intelligence, and remediation guidance.

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Sign in - Free

Share

CVE-2026-27307 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy