A patched Adobe ColdFusion is being exploited in the wild, update now

Adobe’s rapid web-application development platform, Adobe ColdFusion, received a patch earlier this month that fixes several exploits, including CVE-2026-48282. However, users need to ensure they update now if they haven’t already because the aforementioned exploit is already being used in the real world.

The maximum-severity vulnerability is a path traversal issue that can result in an arbitrary code execution without authentication. In plain English, an attacker could remotely execute code on vulnerable servers. The bug affects ColdFusion 2025.9, 2023.20, and previous versions.

Ryan Dewhurst was the first to spot the bug being exploited in the wild last week. He said that within just two hours of the details being shared of the exploit, it was being exploited in the wild. Dewhurst said this was the fastest turnaround for an exploit to appear after patch notes were released, and it means more people could be affected as they’re less likely to have been patched.

🚨Within under two hours of CVE-2026-48282 public details being released, KEVIntel captured in-the-wild exploitation within our global honeypot network.

Unauthenticated Arbitrary File Write & Read in Adobe ColdFusion

Attacker location: India
Attacker IP: 103.207.14[.]220

If… pic.twitter.com/fok7ZQ56Gy

— Ryan Dewhurst (@ethicalhack3r) July 2, 2026

Dewhurst noted that the attacker in the detected attack was located in India and had the IP address 103.207.14[.]220. KEVIntel’s global honeypot network detected it being used in the wild.

The other patched exploits don’t seem to be being exploited yet, but that could change at any point. Given that even one of the vulnerabilities is being exploited, it is important to update ColdFusion right away if you’re using it. You can check out Adobe"s official security advisory here.

Report a problem with article
Next Article

Google gives backing to firm building futuristic energy source

Previous Article

Microsoft confirms an upcoming Windows 11 26H2 default change