Critical Alert 3 Active Exploits Detected Today

CVE-2026-11645 Google Chromium V8 Out-of-Bounds Read and Write Vulnerability →
CVE-2026-7473 Arista Extensible Operating System Incomplete Comparison with Missing Factors Vulnerability →
CVE-2026-20245 Cisco Catalyst SD-WAN Manager Improper Encoding or Escaping of Output Vulnerability →
Powered by CVE Watchtower
×

Critical Alert

CVE-2026-50751 - Critical Check Point VPN Exploit Discovered Active in the Wild. View Threat Details →
Powered by CVE WATCHTOWER
×
June 10, 2026

CVE Watchtower


← Back to CVE List

CVE-2026-47932NVD

Vulnerability Summary

ColdFusion versions 2023.19, 2025.8 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to access unauthorized files or directories outside the intended restrictions. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Scope is changed.
Severity Level
HIGH(8.8)
Published Date
Jun 9, 2026
Last Modified
Jun 9, 2026
Exploitation Status
????
EPSS Score (30-Day)
Data Pending
Root Weakness (CWE)
CWE-22: Path Traversal β†—
The software uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory.
CVSS v3.1 Base Metrics
Attack VectorAdjacent
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeChanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh

External References