Severity by source
AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Description supports arbitrary file read only, so C:H but I:N/A:N; PR:L for low-privilege access, S:C because traversal reaches resources outside the app's security scope.
Primary rating from Vendor (adobe).
CVSS VectorVendor: adobe
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Lifecycle Timeline
2DescriptionCVE.org
ColdFusion is affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to arbitrary file system read. An attacker could exploit this vulnerability to access sensitive files and directories outside the intended access scope. Exploitation of this issue does not require user interaction. Scope is changed.
AnalysisAI
Path traversal in Adobe ColdFusion allows an authenticated remote attacker (PR:L) to read arbitrary files outside the intended web/application scope by manipulating pathname input, per Adobe advisory APSB26-82. The flaw carries a critical 9.9 CVSS with a changed scope, meaning a successful read can reach files belonging to other security contexts on the host. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires network access to a ColdFusion instance and a low-privilege authenticated context (CVSS PR:L) - it is not fully unauthenticated - but needs no user interaction (UI:N) and no special product configuration is called out in the description. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | Signals are mixed and warrant a careful read. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker holding a low-privilege ColdFusion or application account sends crafted requests to a file-handling endpoint, embedding directory-traversal sequences to step outside the intended directory. Because scope is changed, the attacker reads sensitive files such as configuration, credential, or datasource files elsewhere on the host, then reuses harvested secrets to escalate access. … |
| Remediation | Apply the ColdFusion security update referenced in Adobe advisory APSB26-82 (https://helpx.adobe.com/security/products/coldfusion/apsb26-82.html) as the primary fix; the exact patched build numbers are listed there and should be applied to every affected release train - no exact fix version was provided in this dataset to cite verbatim, so pull it from the advisory. … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours, inventory all Adobe ColdFusion deployments, identify all accounts with ColdFusion authentication access, and audit recent file access logs for suspicious activity. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
More in Coldfusion
View allUnspecified vulnerability in Adobe ColdFusion 9.0, 9.0.1, 9.0.2, and 10 allows remote attackers to read arbitrary files
Path traversal in Adobe ColdFusion 2025.9, 2023.20 and earlier enables remote, unauthenticated attackers to write or acc
The Office Open XML (OOXML) feature in Adobe ColdFusion 10 before Update 21 and 11 before Update 10 allows remote attack
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have an unr
Adobe ColdFusion versions 2018 Update 15 (and earlier) and 2021 Update 5 (and earlier) are affected by an Improper Acces
ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by a Deserialization of Untrusted Data vulnerabili
Adobe ColdFusion has an Untrusted Data Deserialization vulnerability. Rated critical severity (CVSS 9.8), this vulnerabi
Adobe ColdFusion has an Untrusted Data Deserialization vulnerability. Rated critical severity (CVSS 9.8), this vulnerabi
Adobe ColdFusion versions 2023.5 (and earlier) and 2021.11 (and earlier) are affected by an Deserialization of Untrusted
ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by a Deserialization of Untrusted Data vulnerabili
Unspecified vulnerability in Adobe ColdFusion 9.0 before Update 11, 9.0.1 before Update 10, 9.0.2 before Update 5, and 1
Path traversal in Adobe ColdFusion 2025.9, 2023.20 and all earlier releases lets remote attackers (PR:N) read arbitrary
Same weakness CWE-22 – Path Traversal
View allSame technique Path Traversal
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-44551
GHSA-47x5-g7cj-cvgp