
Adobe ColdFusion CVE-2026-48282: A Max-Severity (CVSS 10) Bug Already Under Attack — Patch Now
CVE-2026-48282 is a CVSS 10.0 path-traversal flaw in Adobe ColdFusion that lets an unauthenticated attacker run code over the network. Adobe patched it June 30, 2026; it's already exploited and on CISA's KEV list. Here's what it is and how to respond.








