Adobe ColdFusion CVE-2023-26359 Arbitrary Code Execution Vulnerability


Adobe ColdFusion versions 2018 Update 15 (and earlier) and 2021 Update 5 (and earlier) are affected by a Deserialization of Untrusted Data vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction.

description-logoOutbreak Alert

FortiGuard Labs continue to see cyber-attacks targeting to exploit the ColdFusion vulnerability CVE-2023-26360. Blocking over multiple hundreds of attacks over the last weeks.

View the full Outbreak Alert Report

affected-products-logoAffected Applications


Telemetry logoTelemetry