CyberRota
← Ana sayfaya dön

CVE-2026-47960

HIGH · CVSS 7.4 EPSS %0.41 Public Exploit

Kaynak: NVD + CISA KEV + EPSS · Yayınlanma: 2026-06-09T21:17:24.387 · Çekilme zamanı: 2026-06-30T12:15:35.261550+00:00

CyberRota Yorumu

Detaylı analiz gerekiyor.

Public Exploit Sinyali

Bu CVE için açıklama veya referanslarda public exploit / PoC / GitHub / Metasploit sinyali tespit edildi.

Tespit Edilen Sinyaller
exploit

Not: Bu bağlantılar yalnızca güvenlik araştırması ve doğrulama amacıyla listelenmiştir.

CVE
CVE-2026-47960
Severity
HIGH
CVSS
7.4
EPSS
%0.41

Orijinal NVD Açıklaması

ColdFusion versions 2023.19, 2025.8 and earlier are affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability that could lead to arbitrary file system read. An attacker could exploit this vulnerability to access sensitive files and directories outside the intended access scope. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Scope is changed.