CISA adds CVE-2022-26134 to its Known Exploited Vulnerabilities Catalog. It’s a critical zero-day flaw in Atlassian’s Confluence Server and Data Center. The company patched it, but It’s actively exploited

CVE-2022-26134 has been added by CISA cybersecurity exerts to its Known Exploited Vulnerabilities Catalog, based on evidence of cybercrime active exploitation. Atlassian has released new Confluence Server and Data Center versions to address the critical zero-day flaw that allows an unauthenticated attacker to execute code remotely in these products. Atlassian reports that there is known exploitation of this vulnerability.