Critical Alert 4 Active Exploits Detected Today

CVE-2026-56155 Microsoft Active Directory Federation Services Insufficient Granularity of Access Control Vulnerability →
CVE-2026-56164 Microsoft SharePoint Server Missing Authentication for Critical Function Vulnerability →
CVE-2026-15409 SonicWall SMA1000 Appliances Server-Side Request Forgery Vulnerability →
CVE-2026-15410 SonicWall SMA1000 Appliances Code Injection Vulnerability →
Powered by CVE Watchtower
×

CVE Watchtower


← Back to CVE List

CVE-2026-48284NVD

Vulnerability Summary

ColdFusion is affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed.
Severity Level
CRITICAL(9.6)
Published Date
Jul 14, 2026
Last Modified
Jul 14, 2026
Exploitation Status
No confirmed exploitation yet
EPSS Score (30-Day)
Data Pending
Root Weakness (CWE)
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required.
CVSS v3.1 Base Metrics
Attack VectorAdjacent
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeChanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh