A vulnerability categorized as problematic has been discovered in Adobe ColdFusion up to 2023.19/2025.8 . The affected element is an unknown function of the component File Handler . Such manipulation leads to xml external entity reference. This vulnerability is uniquely identified as CVE-2026-47960 . The attack can be launched remotely. No exploit exists. It is advisable to upgrade the affected component.