We are pleased to inform you that we’ve released security updates for ColdFusion 2025, 2023, and 2021 releases. For more information, see the respective tech notes:

• ColdFusion (2025 release) Update 5
• ColdFusion (2023 release) Update 17
• ColdFusion (2021 release) Update 23

The updates includes important security fixes that mitigate vulnerabilities related to arbitrary file system write, arbitrary file system read, arbitrary code execution, and security feature bypass. The updates also include:

• New JVM flags
• Changes to serialfilter
• CAR migration changes
• Tomcat upgrade
• Bug fixes and known issues

View the tech notes and security bulletin, APSB25-105, for more information.

Download the updates

• ColdFusion 2025 updates
• ColdFusion 2023 updates
• ColdFusion 2021 updates

Docker and CFFiddle
Docker and CFFiddle will be available shortly.

Important

End of core support for ColdFusion 2021 update release

Adobe ColdFusion (2021 release) Update 23 marks the end of core support for ColdFusion 2021 update releases.

Adobe ColdFusion (2021 release) Update 23 is the final update, as this version reached its end of core support on November 10, 2025. After this update, no further core updates will be provided for this version.

Note: Extended support options may still be available after core support ends. Please review Adobe’s End-of-Life (EOL) matrix for details on timelines and support plans. See the Adobe support matrix for more information.