Tag
cve-2022-26134
Safeguard articles tagged "cve-2022-26134" — guides, analysis, and best practices for software supply chain and application security.
2 articles
Vulnerability Analysis
Confluence OGNL Injection (CVE-2022-26134) Explained
CVE-2022-26134 is a CVSS 9.8 unauthenticated OGNL injection in Atlassian Confluence, exploited as a zero-day before the patch. Here is how the flaw works and which versions fixed it.
Jul 5, 20266 min read
Vulnerability Analysis
Confluence Zero-Day (CVE-2022-26134): Atlassian's OGNL Injection Crisis
An unauthenticated RCE zero-day in Confluence Server was being actively exploited before Atlassian even knew about it. The vulnerability affected virtually every on-premise Confluence installation.
Jun 3, 20225 min read