Critical active threat
CVE-2021-44228 Apache Log4j2 Remote Code Execution
- Actively exploited (CISA KEV)
- CVSS 10
- Listed on CISA KEV
- Remote code execution exposure
Apache Log4j2 RCE is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.