CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST - in English

CISA KEV catalog updated: (v2026.07.16)

CVE-2026-48314
Medium

A Path Traversal vulnerability in ColdFusion versions 2025.9, 2023.20 and earlier allows bypassing path restrictions. An attacker can gain limited read and write access to unauthorized files or directories outside intended restrictions. Exploitation does not require user interaction.

CVE-2026-48313
Critical

A Path Traversal vulnerability in ColdFusion versions 2025.9, 2023.20 and earlier allows unauthorized file system read and limited write access outside the intended directory. An attacker can exploit this without user interaction, gaining access to sensitive files.

CVE-2026-48307
High

Reflected XSS vulnerability in ColdFusion versions 2025.9, 2023.20 and earlier. An attacker can inject malicious scripts into a web page, potentially leading to arbitrary code execution in the context of the current user. User interaction (clicking a malicious link) is required.

CVE-2026-48286
Critical

Adobe Campaign Classic (ACC) versions 7.4.3 build 9396 and earlier are affected by an Incorrect Authorization vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation does not require user interaction and the scope is changed.

CVE-2026-48285
High

An SSRF vulnerability in ColdFusion allows bypassing security measures and unauthorized read access. Exploitation requires no user interaction and the scope is changed.

CVE-2026-48283
Critical

A vulnerability in ColdFusion allows unrestricted upload of files with dangerous types, potentially leading to arbitrary code execution in the context of the current user. Exploitation does not require user interaction, and the scope is changed.

CVE-2026-48282
CriticalActively exploitedEPSS 87%

A Path Traversal vulnerability in ColdFusion versions 2025.9, 2023.20 and earlier allows a remote attacker to execute arbitrary code in the context of the current user without requiring user interaction. The issue stems from improper limitation of a pathname to a restricted directory.

CVE-2026-48281
CriticalEPSS 54%

ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction.

CVE-2026-48277
CriticalEPSS 54%

A vulnerability in ColdFusion versions 2025.9, 2023.20 and earlier is caused by improper input validation, potentially leading to remote arbitrary code execution in the context of the current user. Exploitation requires no user interaction and the scope is changed.

CVE-2026-48276
CriticalEPSS 56%

A vulnerability in ColdFusion allows unrestricted upload of files with dangerous types, potentially leading to arbitrary code execution in the context of the current user. Exploitation requires no user interaction and the scope is changed.

CVE-2026-44948
Medium

A path traversal vulnerability in the ImageScan subsystem of Rancher Fleet affects versions 0.12.0 to 0.12.16, 0.13.0 to 0.13.12, 0.14.0 to 0.14.7, and 0.15.0 to 0.15.3, allowing an attacker to traverse outside the intended directory and cause a denial of service.

CVE-2026-13455
Medium

A vulnerability in PostgreSQL Anonymizer allows unprivileged masked users to repeatedly call the anon.hash() function and collect (seed, hash_output) pairs to perform an offline brute-force attack and deduce the salt.

CVE-2026-4360
Medium

The Tarfile.extract() function does not properly pass the filter parameter when extracting hardlinks. An affected system that extracts content from untrusted tar files could end up writing files with an unexpected uid/gid despite the user passing filter='data' to the extract() function.

CVE-2026-48192
Medium

A vulnerability in Mendix Studio Pro arises from improper validation and sanitization of project files processed during the build pipeline. An attacker can trick a user into opening and running a specially crafted malicious project, leading to arbitrary code execution in the context of that user.

CVE-2026-44949
High

A vulnerability in Rancher FleetWorkspace allows an unauthenticated attacker with network access to the in-cluster rancher-webhook service to create workspace-related Kubernetes objects with attacker-chosen identity data. Affected versions are 0.7.0 to 0.7.10, 0.8.0 to 0.8.7, 0.9.0 to 0.9.6, and 0.10.0 to 0.10.7.

CVE-2026-44947
Medium

A missing clean-up in the legacy Project Role Template Binding (PRTB) reconciler in Rancher versions 2.13.0 up to 2.13.7 and 2.14.0 up to 2.14.3 allowed users to retain unauthorized Pod Security Admission (PSA) permissions after an administrator removes those permissions from a RoleTemplate.

CVE-2026-27957
High

In Coolify prior to version 4.0.0-beta.464, an authenticated command injection vulnerability in the CA Certificate management feature allows any authenticated user to execute arbitrary commands as the configured SSH user on the managed server host.

CVE-2026-27956
Medium

Coolify prior to version 4.0.0-beta.464 has a vulnerability in the `GET /api/v1/servers/{server_uuid}/domains?uuid={app_uuid}` endpoint that bypasses team scoping when the optional `uuid` parameter is provided. Any authenticated API user can enumerate domain names (FQDNs) of applications belonging to other teams.

CVE-2026-27955
Medium

Coolify prior to version 4.0.0-beta.464 has a vulnerability in the executeInDocker() helper that wraps commands in bash -c without escaping single quotes. The docker_compose_custom_build_command and docker_compose_custom_start_command fields are interpolated directly, allowing an attacker to break out of the bash -c argument and execute arbitrary commands on the managed server host.

CVE-2026-27883
Medium

Coolify prior to version 4.0.0-beta.464 has a vulnerability in the GET /api/v1/deployments/{uuid} endpoint that allows any authenticated user to access deployment details of any team, bypassing team-based authorization. The issue stems from the $teamId extracted from the authentication token not being used to scope the database query.

PreviousPage 238 of 4688Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS