Unrated severityCISA KEVNVD Advisory· Published Mar 23, 2023· Updated Oct 21, 2025
Adobe ColdFusion Improper Access Control Arbitrary code execution
CVE-2023-26360
Description
Adobe ColdFusion versions 2018 Update 15 (and earlier) and 2021 Update 5 (and earlier) are affected by an Improper Access Control vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2<=2021 Update 5+ 1 more
- (no CPE)range: <=2021 Update 5
- (no CPE)range: unspecified
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.