Loading
ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction.
Use CWE-20, Adobe vendor hub and Coldfusion product page to widen CVE-2026-27304 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2026-27305, CVE-2026-27306 and CVE-2026-34619 for nearby disclosures in the same product family.