Post
HIGH

Adobe Patches 7 CVSS 10.0 Flaws in ColdFusion and Campaign Classic

· vulnerability · cve · rce

Adobe patched seven maximum-severity (CVSS 10.0) vulnerabilities across ColdFusion and Campaign Classic. The ColdFusion fixes address flaws that could lead to arbitrary code execution, privilege escalation, arbitrary file system read, and security feature bypass. No active exploitation has been reported. Given the CVSS 10.0 ratings and ColdFusion’s history as an attacker target, self-hosted deployments should prioritize patching over the normal maintenance cycle.