Latest CVE Feed

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

Score
Vulnerability
Published
7.8 HIGH
CVE-2026-48340 — Bridge | Untrusted Pointer Dereference (CWE-822)

Bridge is affected by an Untrusted Pointer Dereference vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interac…

bridge | Memory Corruption
Jul 14, 2026 Jul 15, 2026
Jul 14, 2026
Jul 15, 2026
7.8 HIGH
CVE-2026-48339 — Bridge | Heap-based Buffer Overflow (CWE-122)

Bridge is affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction…

bridge | Memory Corruption
Jul 14, 2026 Jul 15, 2026
Jul 14, 2026
Jul 15, 2026
6.8 MEDIUM
CVE-2026-48338 — ColdFusion | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal…

ColdFusion is affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to arbitrary file system read. An attacker could exploit this…

| Path Traversal
Jul 14, 2026 Jul 14, 2026
Jul 14, 2026
Jul 14, 2026
7.7 HIGH
CVE-2026-48332 — ColdFusion | Server-Side Request Forgery (SSRF) (CWE-918)

ColdFusion is affected by a Server-Side Request Forgery (SSRF) vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass secu…

Remote | Server-Side Request Forgery
Jul 14, 2026 Jul 14, 2026
Jul 14, 2026
Jul 14, 2026
2.7 LOW
CVE-2026-48329 — ColdFusion | Insufficient Session Expiration (CWE-613)

ColdFusion is affected by an Insufficient Session Expiration vulnerability that could result in a Security feature bypass. A high-privileged attacker could leverage this vulnerability to bypass secur…

Remote | Authentication
Jul 14, 2026 Jul 14, 2026
Jul 14, 2026
Jul 14, 2026
7.7 HIGH
CVE-2026-48328 — ColdFusion | Improper Input Validation (CWE-20)

ColdFusion is affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security mea…

Remote | Authentication
Jul 14, 2026 Jul 14, 2026
Jul 14, 2026
Jul 14, 2026
9.0 CRITICAL
CVE-2026-48327 — ColdFusion | Incorrect Authorization (CWE-863)

ColdFusion is affected by an Incorrect Authorization vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user i…

| Authorization
Jul 14, 2026 Jul 15, 2026
Jul 14, 2026
Jul 15, 2026
9.3 CRITICAL
CVE-2026-48325 — ColdFusion | Missing Authentication for Critical Function (CWE-306)

ColdFusion is affected by a Missing Authentication for Critical Function vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue doe…

| Authentication
Jul 14, 2026 Jul 15, 2026
Jul 14, 2026
Jul 15, 2026
9.1 CRITICAL
CVE-2026-48324 — ColdFusion | Improper Neutralization of Special Elements used in an SQL Command ('SQL Inj…

ColdFusion is affected by an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability that could result in arbitrary code execution in the context of the cur…

Remote | Injection
Jul 14, 2026 Jul 15, 2026
Jul 14, 2026
Jul 15, 2026
9.6 CRITICAL
CVE-2026-48322 — ColdFusion | Improper Control of Generation of Code ('Code Injection') (CWE-94)

ColdFusion is affected by an Improper Control of Generation of Code ('Code Injection') vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of …

Remote | Injection
Jul 14, 2026 Jul 15, 2026
Jul 14, 2026
Jul 15, 2026
9.3 CRITICAL
CVE-2026-48321 — ColdFusion | Incorrect Authorization (CWE-863)

ColdFusion is affected by an Incorrect Authorization vulnerability that could result in privilege escalation. An attacker could leverage this vulnerability to gain unauthorized read and write access.…

| Authorization
Jul 14, 2026 Jul 14, 2026
Jul 14, 2026
Jul 14, 2026
8.5 HIGH
CVE-2026-48320 — ColdFusion | Cross-site Scripting (Reflected XSS) (CWE-79)

ColdFusion is affected by a reflected Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this vulnerability to inject malicious scripts into a web page, potentially gaining elevated …

| Cross-Site Scripting
Jul 14, 2026 Jul 14, 2026
Jul 14, 2026
Jul 14, 2026
9.1 CRITICAL
CVE-2026-48319 — ColdFusion | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal…

ColdFusion is affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could result in arbitrary code execution in the context of the current u…

Remote | Path Traversal
Jul 14, 2026 Jul 15, 2026
Jul 14, 2026
Jul 15, 2026
9.9 CRITICAL
CVE-2026-48318 — ColdFusion | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal…

ColdFusion is affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to arbitrary file system read. An attacker could exploit this…

Remote | Path Traversal
Jul 14, 2026 Jul 15, 2026
Jul 14, 2026
Jul 15, 2026
7.8 HIGH
CVE-2026-48311 — Bridge | Out-of-bounds Write (CWE-787)

Bridge is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in th…

bridge | Memory Corruption
Jul 14, 2026 Jul 15, 2026
Jul 14, 2026
Jul 15, 2026
5.9 MEDIUM
CVE-2026-48308 — Premiere Pro | Improper Input Validation (CWE-20)

Premiere Pro is affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and ga…

premiere | Authorization
Jul 14, 2026 Jul 14, 2026
Jul 14, 2026
Jul 14, 2026
9.6 CRITICAL
CVE-2026-48284 — ColdFusion | Improper Input Validation (CWE-20)

ColdFusion is affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user…

| Injection
Jul 14, 2026 Jul 15, 2026
Jul 14, 2026
Jul 15, 2026
7.8 HIGH
CVE-2026-48274 — After Effects | Out-of-bounds Write (CWE-787)

After Effects is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interactio…

after_effects | Memory Corruption
Jul 14, 2026 Jul 15, 2026
Jul 14, 2026
Jul 15, 2026
7.8 HIGH
CVE-2026-48272 — Creative Cloud Desktop | Uncontrolled Search Path Element (CWE-427)

Creative Cloud Desktop is affected by an Uncontrolled Search Path Element vulnerability that could result in arbitrary code execution in the context of the current user. Exploit depends on conditions…

| Path Traversal
Jul 14, 2026 Jul 15, 2026
Jul 14, 2026
Jul 15, 2026
7.8 HIGH
CVE-2026-48270 — Premiere Pro | Out-of-bounds Write (CWE-787)

Premiere Pro is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction…

premiere | Memory Corruption
Jul 14, 2026 Jul 15, 2026
Jul 14, 2026
Jul 15, 2026
Showing 20 of 8375 Results