Recent Advisories

Severity ID Title Vendor Product Date Type
CRITICAL 9.3 CVE-2026-48313

ColdFusion | Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) (CWE-22)_CVE-2026-48313

ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') v...

Adobe ColdFusion CVE
CRITICAL 10 CVE-2026-48286

Adobe Campaign Classic (ACC) | Incorrect Authorization (CWE-863)_CVE-2026-48286

Adobe Campaign Classic (ACC) versions 7.4.3 build 9396 and earlier are affected by an Incorrect Authorization vulnerability that could result in ar...

Adobe Adobe Campaign Classic (ACC) CVE
CRITICAL 10 CVE-2026-48283

ColdFusion | Unrestricted Upload of File with Dangerous Type (CWE-434)_CVE-2026-48283

ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Unrestricted Upload of File with Dangerous Type vulnerability that could result ...

Adobe ColdFusion CVE
CRITICAL 10 CVE-2026-48282

ColdFusion | Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) (CWE-22)_CVE-2026-48282

ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') v...

Adobe ColdFusion CVE
CRITICAL 10 CVE-2026-48281

ColdFusion | Improper Input Validation (CWE-20)_CVE-2026-48281

ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code exec...

Adobe ColdFusion CVE
CRITICAL 10 CVE-2026-48277

ColdFusion | Improper Input Validation (CWE-20)_CVE-2026-48277

ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code exec...

Adobe ColdFusion CVE
CRITICAL 10 CVE-2026-48276

ColdFusion | Unrestricted Upload of File with Dangerous Type (CWE-434)_CVE-2026-48276

ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Unrestricted Upload of File with Dangerous Type vulnerability that could result ...

Adobe ColdFusion CVE
CRITICAL 9.1 CVE-2026-58172

Ocelot – IP Allow/Block List Bypass for WebSocket Upgrade Requests_CVE-2026-58172

Ocelot through 24.1.0, fixed in commit f156fd4, contains a security control bypass vulnerability that allows denied clients to circumvent IP-based ...

ThreeMammals Ocelot CVE
CRITICAL 9.1 CVE-2026-58166

OpenBMB ChatDev – Unauthenticated Path Traversal in Upload Handler Allows Arbitrary File Write and Delete_CVE-2026-58166

OpenBMB ChatDev through 2.2.0, fixed in commit 4fd4da6, contains a path traversal vulnerability that allows unauthenticated remote attackers to wri...

OpenBMB ChatDev CVE
CRITICAL 9.8 THN:18D5B5F2FBD...

Langflow RCE Exploited to Deploy Monero Miner on Exposed AI App Endpoints_THN:18D5B5F2FBD829B5E2123067D35CAF01

![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA2GvsvmPnHZF-e1GDbhOVW4DxQZr79HzSMLp7-YKaA9DC-V2fVo6cmBig0bxUxWjK0Kz1mTm2Cmg6CrjaKg...

N/A N/A THN