CYBERHAWK / CVE / CVE-2026-47960

CVE-2026-47960

HIGH CVSS 7.4 other

The flaw

ColdFusion versions 2023.19, 2025.8 and earlier are affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability that could lead to arbitrary file system read. An attacker could exploit this vulnerability to ac

What to do

Review advisory and patch per vendor guidance.

▸ Scan my repo for CVE-2026-47960

References

NVD CISA KEV OSV GitHub Advisory MITRE News search

First seen 2026-06-12 · Tracked by PickBits CyberHawk · Weekly CVE digest

← All CVEs RSS Scheduled audits