HIGH
Adobe Patches 7 CVSS 10.0 Flaws in ColdFusion and Campaign Classic
Adobe patched seven maximum-severity (CVSS 10.0) vulnerabilities across ColdFusion and Campaign Classic. The ColdFusion fixes address flaws that could lead to arbitrary code execution, privilege escalation, arbitrary file system read, and security feature bypass. No active exploitation has been reported. Given the CVSS 10.0 ratings and ColdFusion’s history as an attacker target, self-hosted deployments should prioritize patching over the normal maintenance cycle.