Vulnerability Details CVE-2025-61812
ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are affected by an Improper Input Validation vulnerability that could allow a high privileged attacker to gain arbitrary code execution. Exploitation of this issue does not require user interaction.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 16.1%
CVSS Severity
CVSS v3 Score 8.4
Products affected by CVE-2025-61812
-
cpe:2.3:a:adobe:coldfusion:2021
-
cpe:2.3:a:adobe:coldfusion:2023
-
cpe:2.3:a:adobe:coldfusion:2025