CVE-2025-34074 | Lucee 5.x/6.x /lucee/admin/web.cfm code injection

July 2, 2025 Yanac

A vulnerability was found in Lucee 5.x/6.x. It has been classified as critical. This affects an unknown part of the file /lucee/admin/web.cfm. The manipulation leads to code injection.

This vulnerability is uniquely identified as CVE-2025-34074. It is possible to initiate the attack remotely. There is no exploit available.VulDB Recent EntriesRead More

CVE-2025-34090 | Google Chrome 127.x/128.x Inter-Process Communication untrusted search path
CVE-2025-34091 | Google Chrome 127.x/128.x AppBound Cookie Encryption information exposure