Bleeping Computer

CISA warns of Adobe ColdFusion bug exploited as a zero-day

CISA has added a critical vulnerability impacting Adobe ColdFusion versions 2021 and 2018 to its catalog of security bugs exploited in the wild. This critical arbitrary code execution flaw ...
Bleeping Computer

Critical ColdFusion flaws exploited in attacks to drop webshells

Update 7/17/23: The article was updated due to a mistaken warning added by Adobe to its email notification. However, a newer version of the bug was seen by Rapid7 to be actively exploited. Hackers are ...
Threat Post

Adobe Fixes ‘Important’ Flaws in ColdFusion, After Effects and Digital Editions

While Adobe’s regularly scheduled security updates were light this month, they fixed “important” severity vulnerabilities. Adobe released security patches for vulnerabilities in its ColdFusion, After ...
Computer Weekly

Critical Adobe ColdFusion flaws chained in ongoing cyber attacks

Two vulnerabilities in the Adobe ColdFusion platform are being actively exploited by threat actors in a series of cyber attacks, apparently after a proof of concept (PoC) for one of them was ...

Patchday: Adobe closes over 120 security vulnerabilities in InDesign & Co.

With 56 items, Adobe has closed the most vulnerabilities in Experience Manager. Here, the versions AEM Cloud Service (CS) Release 2026.05, 6.5 LTS Service Pack 2, and 6.5 Service Pack 25 help. Further ...