Close
Search
-
Close Search
HIGHLIGHT
HIGHLIGHTED
+1
NOW LIVE! ColdFusion 2025 and 2023 June 2026 security updates
June 9, 2026
NOW LIVE! ColdFusion 2025 and 2023 June 2026 security updates
June 9, 2026
Staff
19 posts
0
0
NOW LIVE — the June 2026 security updates for ColdFusion 2025 and ColdFusion 2023 have been released. This update includes important security fixes that mitigate vulnerabilities related to arbitrary code execution, arbitrary file write, information disclosure, stored cross-site scripting, and security feature bypass.
What’s included
The June 2026 release contains:
- Tomcat upgrades. See the respective tech notes for more details.
- Security fixes for multiple vulnerabilities (including remote code execution and privilege escalation vectors).
- Patches to harden request handling, deserialization paths, and template parsing logic.
- Updates to packages.
Why you should install this update
These fixes close high‑ and critical‑severity vulnerabilities that could be used by attackers to execute code, elevate privileges, or access sensitive data. Applying the update reduces risk to your production and development environments.
Download the updates
See the tech notes
Feedback and support
As always, if you encounter issues after updating or need assistance planning your rollout, contact support or reply to this post with details. Your feedback helps us prioritize follow‑up fixes and clarifications.
Thanks,Team ColdFusion
NOW LIVE — the June 2026 security updates for ColdFusion 2025 and ColdFusion 2023 have been released. This update includes important security fixes that mitigate vulnerabilities related to arbitrary code execution, arbitrary file write, information disclosure, stored cross-site scripting, and security feature bypass.
What’s included
The June 2026 release contains:
- Tomcat upgrades. See the respective tech notes for more details.
- Security fixes for multiple vulnerabilities (including remote code execution and privilege escalation vectors).
- Patches to harden request handling, deserialization paths, and template parsing logic.
- Updates to packages.
Why you should install this update
These fixes close high‑ and critical‑severity vulnerabilities that could be used by attackers to execute code, elevate privileges, or access sensitive data. Applying the update reduces risk to your production and development environments.
Download the updates
See the tech notes
Feedback and support
As always, if you encounter issues after updating or need assistance planning your rollout, contact support or reply to this post with details. Your feedback helps us prioritize follow‑up fixes and clarifications.
Thanks,Team ColdFusion
You must be logged in to post a comment.
All Comments
Sort by:
Most Recent 
- Most Recent
- Most Relevant
NOW LIVE! ColdFusion 2025 and 2023 June 2026 security updates
0
0