NVD disclosure day

Published threat advisories for March 23, 2023

CVE-2023-26360

Adobe ColdFusion Code Execution Risk

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

Adobe ColdFusion is impacted by an access control vulnerability that could allow attackers to execute arbitrary code. This poses a business risk by potentially compromising systems and data. The attack is network-exploitable without user interaction.

NVD published: March 23, 2023 • CISA KEV

CVE advisoryKnown Exploit

CVE-2023-26359

Adobe ColdFusion Code Execution Vulnerability

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

A deserialization vulnerability affects Adobe ColdFusion, allowing remote code execution without user interaction. This poses a significant business risk, potentially leading to data breaches and system compromise.

NVD published: March 23, 2023 • CISA KEV