CVE-2026-27306

Name of the Vulnerable Software and Affected Versions ColdFusion versions 2023.18 and 2025.6

Description Improper Input Validation could result in arbitrary code execution in the context of the current user. Exploitation requires the attacker to have elevated privileges and requires user interaction, specifically that a victim opens a malicious file.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.