Loading
ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Attacker requires elevated privileges. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Use CWE-20, Adobe vendor hub and Coldfusion product page to widen CVE-2026-27306 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2026-27304, CVE-2026-27305 and CVE-2026-34619 for nearby disclosures in the same product family.