CVE-2026-40021 | Apache Log4net up to 3.2.x XmlLayout/XmlLayoutSchemaLog4J escape output

Inserito da Angelo Barbosa | Apr 10, 2026 | CVE

A vulnerability was found in Apache Log4net up to 3.2.x. It has been rated as problematic. Affected is the function XmlLayout/XmlLayoutSchemaLog4J. This manipulation causes escaping of output.

The identification of this vulnerability is CVE-2026-40021. It is possible to initiate the attack remotely. There is no exploit available.

Upgrading the affected component is advised.

CVE-2026-40021 | Apache Log4net up to 3.2.x XmlLayout/XmlLayoutSchemaLog4J escape output

Post correlati

CVE-2025-4962 | lunary-ai lunary up to 1.9.22 API /v1/templates projectId access control

CVE-2021-32589 | Fortinet FortiManager/FortiAnalyzer up to 7.0.0 use after free (FG-IR-21-067)

CVE-2024-9581 | Shortcodes AnyWhere Plugin up to 1.0.1 on WordPress Shortcode Remote Code Execution

CVE-2024-48021 | Scott Paterson Contact Form 7 Plugin up to 2.3 on WordPress cross site scripting