CVE-2026-34479 | Apache Log4j 1 to Log4j 2 Bridge up to 2.25.3/3.0.0-beta2 Log4j1XmlLayout escape output

Inserito da Angelo Barbosa | Apr 10, 2026 | CVE

A vulnerability was found in Apache Log4j 1 to Log4j 2 Bridge up to 2.25.3/3.0.0-beta2. It has been classified as problematic. This affects an unknown function of the component Log4j1XmlLayout. The manipulation leads to escaping of output.

This vulnerability is uniquely identified as CVE-2026-34479. The attack is possible to be carried out remotely. No exploit exists.

Upgrading the affected component is recommended.

CVE-2026-34479 | Apache Log4j 1 to Log4j 2 Bridge up to 2.25.3/3.0.0-beta2 Log4j1XmlLayout escape output

Post correlati

CVE-2024-12544 | devsoftbaltic SurveyJS Plugin up to 1.12.17 on WordPress wp-config.php SurveyJS_DeleteFile authorization

CVE-2024-36262 | Intel System Security Report and System Resources Defense race condition (intel-sa-01203)

CVE-2026-24558 | antoniobg ABG Rich Pins Plugin up to 1.1 on WordPress cross site scripting

CVE-2026-5290 | Google Chrome up to 146.0.7680.165 Compositing use after free (ID 496205)