Ongoing active abuse of a critical deserialization flaw in Adobe ColdFusion has prompted the security bug's inclusion in the Cybersecurity and Infrastructure Security Agency's Known Exploited Vulnerabilities catalog, according to The Hacker News.
Article Link: CISA includes critical Adobe ColdFusion vulnerability in KEV catalog | SC Media