Adobe ColdFusion administrators woke up to an urgent warning this week: a critical path traversal vulnerability (CVE-2026-48282) is being actively exploited in the wild. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the flaw to its Known Exploited Vulnerabilities (KEV) catalog on July 7, 2026, and issued a binding remediation timeline for federal agencies under BOD 26-04 that requires
