Active Exploitation of CVE-2026-48282 in Adobe ColdFusion
Successful exploitation could lead to arbitrary code execution in the context of the current user
Summary
Successful exploitation could lead to arbitrary code execution in the context of the current user
Affected platforms
The following platforms are known to be affected:
Threat details
Exploitation of CVE-2026-48282
Security researchers have reported observing exploitation of vulnerability CVE-2026-48282 in the wild.
The NHS England National CSOC assesses further exploitation as highly likely.
Introduction
Adobe has released security updates for a critical vulnerability in Adobe ColdFusion.
- CVE-2026-48282 - 'Path Traversal' vulnerability - CVSSv3 score - 10.
Remediation advice
Affected organisations are encouraged to review Adobe Security Bulletin APSB26-68 and apply the relevant update as soon as possible.
Definitive source of threat updates
Last edited: 3 July 2026 10:21 am