<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-09T17:06:22.081938+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/bd39159e-7dce-45cf-89e2-df442f75a465/export</id>
    <title>bd39159e-7dce-45cf-89e2-df442f75a465</title>
    <updated>2026-07-09T17:06:22.098064+00:00</updated>
    <author>
      <name>Joseph Lee</name>
      <uri>https://cvepremium.circl.lu/user/syspect</uri>
    </author>
    <content>{"uuid": "bd39159e-7dce-45cf-89e2-df442f75a465", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-48276", "type": "seen", "source": "https://www.acn.gov.it/portale/w/adobe-aggiornamenti-di-sicurezza-17", "content": "", "creation_timestamp": "2026-07-08T08:45:03.170489Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/bd39159e-7dce-45cf-89e2-df442f75a465/export"/>
    <published>2026-07-08T08:45:03.170489+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/2752a419-fdbd-4164-be2d-0be0565818cd/export</id>
    <title>2752a419-fdbd-4164-be2d-0be0565818cd</title>
    <updated>2026-07-09T17:06:22.100616+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "2752a419-fdbd-4164-be2d-0be0565818cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-48276", "type": "seen", "source": "https://bsky.app/profile/getpacketai.bsky.social/post/3mq2nwossau2r", "content": "Critical zero-day in Adobe ColdFusion allows unauthenticated RCE via file upload. CVSS 10.0. If you're running ColdFusion 2023 or 2025, patch\u2026\n\nhttps://dev.to/cverports/cve-2026-48276-cve-2026-48276-unrestricted-file-upload-in-adobe-coldfusion-4f3d\n\n#cybersecurity #infosec", "creation_timestamp": "2026-07-07T13:00:23.502681Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/2752a419-fdbd-4164-be2d-0be0565818cd/export"/>
    <published>2026-07-07T13:00:23.502681+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/1c412c4c-3961-4c01-801f-63c8280b44cd/export</id>
    <title>1c412c4c-3961-4c01-801f-63c8280b44cd</title>
    <updated>2026-07-09T17:06:22.101622+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "1c412c4c-3961-4c01-801f-63c8280b44cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-48276", "type": "seen", "source": "https://gist.github.com/alon710/5cc09119469b7bc7e37fcd9f59fdfdb0", "content": "# CVE-2026-48276: CVE-2026-48276: Unrestricted File Upload in Adobe ColdFusion\n\n&amp;gt; **CVSS Score:** 10.0\n&amp;gt; **Published:** 2026-06-30\n&amp;gt; **Full Report:** https://cvereports.com/reports/CVE-2026-48276\n\n## Summary\nAdobe ColdFusion versions 2025.9 and 2023.20 and earlier are affected by an Unrestricted Upload of File with Dangerous Type vulnerability (CWE-434). An unauthenticated remote attacker can exploit this flaw to upload malicious ColdFusion Markup Language (CFML) files directly into web-accessible directories. Accessing the uploaded script triggers arbitrary code execution in the security context of the running service account.\n\n## TL;DR\nA critical-severity unrestricted file upload vulnerability in Adobe ColdFusion allows unauthenticated remote attackers to execute arbitrary system commands via crafted web scripts.\n\n## Technical Details\n\n- **CWE ID**: CWE-434\n- **Attack Vector**: Network (AV:N)\n- **CVSS Score**: 10.0 (Critical)\n- **Exploit Status**: No public exploits currently documented\n- **KEV Status**: Not listed in CISA KEV catalog\n- **Impact**: Unauthenticated Remote Code Execution\n\n## Affected Systems\n\n- Adobe ColdFusion 2023\n- Adobe ColdFusion 2025\n\n## Mitigation\n\n- Deploy official security hotfixes from Adobe immediately.\n- Implement strict web-server level execute permission restrictions on all upload directories.\n- Configure the ColdFusion application runtime to execute under a dedicated low-privilege service account.\n\n**Remediation Steps:**\n1. Audit all corporate networks to locate active ColdFusion 2023 and 2025 deployments.\n2. For ColdFusion 2025 instances, apply Update 10 or later.\n3. For ColdFusion 2023 instances, apply Update 21 or later.\n4. Confirm patch application by reviewing the active updates tab in the ColdFusion Administrator console.\n5. Configure web server execution maps to prevent execution of server-side files within writable storage directories.\n\n## References\n\n- [Official Adobe Security Advisory (APSB26-68)](https://helpx.adobe.com/security/products/coldfusion/apsb26-68.html)\n- [CVE-2026-48276 Record on CVE.org](https://www.cve.org/CVERecord?id=CVE-2026-48276)\n- [Wiz Vulnerability Database Details](https://www.wiz.io/vulnerability-database/cve/cve-2026-48276)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/CVE-2026-48276) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-07-06T11:51:38.029504Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/1c412c4c-3961-4c01-801f-63c8280b44cd/export"/>
    <published>2026-07-06T11:51:38.029504+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/e29fc72f-cb9f-4edf-bc0f-6f895e02cb19/export</id>
    <title>e29fc72f-cb9f-4edf-bc0f-6f895e02cb19</title>
    <updated>2026-07-09T17:06:22.101785+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "e29fc72f-cb9f-4edf-bc0f-6f895e02cb19", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48276", "type": "seen", "source": "https://bsky.app/profile/cyfar.ca/post/3mpotfgidrq26", "content": "~Watchtowr~\nAdobe ColdFusion APSB26-68 patches 11 CVEs including multiple RCE and arbitrary file read/write via RDS and CKEditor path traversal.\n-\nIOCs: CVE-2026-48282, CVE-2026-48276, CVE-2026-48313\n-\n#CVE #ColdFusion #RCE #ThreatIntel", "creation_timestamp": "2026-07-02T20:06:10.695809Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/e29fc72f-cb9f-4edf-bc0f-6f895e02cb19/export"/>
    <published>2026-07-02T20:06:10.695809+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/119d5ce8-7a75-423a-8de3-df15260baccb/export</id>
    <title>119d5ce8-7a75-423a-8de3-df15260baccb</title>
    <updated>2026-07-09T17:06:22.101898+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "119d5ce8-7a75-423a-8de3-df15260baccb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48276", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mpndzuc4di2o", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-48276 \u0432 Adobe ColdFusion: \u0443\u0433\u0440\u043e\u0437\u0430 \u043d\u0435\u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u043e\u0439 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0444\u0430\u0439\u043b\u043e\u0432\n\n\n\nhttps://kripta.biz/posts/7D8B364D-9D93-4815-B902-60249CCB78B1", "creation_timestamp": "2026-07-02T05:58:35.783586Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/119d5ce8-7a75-423a-8de3-df15260baccb/export"/>
    <published>2026-07-02T05:58:35.783586+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/5fb1db67-414e-4886-8610-46590a5f23bc/export</id>
    <title>5fb1db67-414e-4886-8610-46590a5f23bc</title>
    <updated>2026-07-09T17:06:22.102003+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "5fb1db67-414e-4886-8610-46590a5f23bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48276", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mpll4ubpnt2q", "content": "\ud83d\udd17 CVE : CVE-2026-48276, CVE-2026-48277, CVE-2026-48281, CVE-2026-48282, CVE-2026-48283, CVE-2026-48285, CVE-2026-48307, CVE-2026-48313, CVE-2026-48314, CVE-2026-48315, CVE-2026-48316", "creation_timestamp": "2026-07-01T13:00:13.031404Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/5fb1db67-414e-4886-8610-46590a5f23bc/export"/>
    <published>2026-07-01T13:00:13.031404+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/bf6717eb-6d8a-4bf5-82d0-6af032c81470/export</id>
    <title>bf6717eb-6d8a-4bf5-82d0-6af032c81470</title>
    <updated>2026-07-09T17:06:22.102108+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "bf6717eb-6d8a-4bf5-82d0-6af032c81470", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48276", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116844608391888622", "content": "CRITICAL vulnerabilities patched in Adobe ColdFusion (2025/2023) &amp;amp; Campaign Classic (7.4.3 build 9397). Multiple CVSS 10.0 flaws incl. CVE-2026-48286, CVE-2026-48276 \u2013 83. No active exploits, but patch ASAP. https://radar.offseq.com/threat/adobe-patches-critical-coldfusion-campaign-classic-baee08e7ac9d8888 #OffSeq #Adobe #ColdFusion #Vuln", "creation_timestamp": "2026-07-01T12:00:35.329807Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/bf6717eb-6d8a-4bf5-82d0-6af032c81470/export"/>
    <published>2026-07-01T12:00:35.329807+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/f3c84f5c-2667-4017-8117-68fa340fa3d4/export</id>
    <title>f3c84f5c-2667-4017-8117-68fa340fa3d4</title>
    <updated>2026-07-09T17:06:22.102212+00:00</updated>
    <author>
      <name>Joseph Lee</name>
      <uri>https://cvepremium.circl.lu/user/syspect</uri>
    </author>
    <content>{"uuid": "f3c84f5c-2667-4017-8117-68fa340fa3d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-48276", "type": "seen", "source": "https://www.cert.dk/news/2026-07-01/Kritiske-ColdFusion-saarbarheder-aabner-for-fuld-serverovertagelse", "content": "", "creation_timestamp": "2026-07-01T09:45:03.016416Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/f3c84f5c-2667-4017-8117-68fa340fa3d4/export"/>
    <published>2026-07-01T09:45:03.016416+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/55417216-45b7-4932-af24-1056122103be/export</id>
    <title>55417216-45b7-4932-af24-1056122103be</title>
    <updated>2026-07-09T17:06:22.102314+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "55417216-45b7-4932-af24-1056122103be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48276", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mpkgmzkfc726", "content": "\ud83d\udccc CVE-2026-48276 - ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Unrestricted Upload of File with Dangerous Type vulnerability that could result in ... https://www.cyberhub.blog/cves/CVE-2026-48276", "creation_timestamp": "2026-07-01T02:07:07.764126Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/55417216-45b7-4932-af24-1056122103be/export"/>
    <published>2026-07-01T02:07:07.764126+00:00</published>
  </entry>
</feed>
