Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

IBM Security Bulletins
IBM Security Bulletinsadded 2026/05/27 5:36 p.m.10 views

Security Bulletin: IBM SPSS Modeler is affected by multiple vulnerabilities in Apache Log4j

Summary IBM SPSS Modeler is affected by multiple vulnerabilities in Apache Log4j. This has been addressed in the remediation section. Vulnerability Details CVEID:CVE-2025-68161 DESCRIPTION: The Socket Appender in Apache Log4j Core versions 2.0-beta9 through 2.25.2 does not perform TLS hostname...

7.5CVSS6.4AI score0.0086EPSS
Exploits2Affected Software1
OSV
OSVadded 2026/05/18 5:20 p.m.6 views

CLSA-2026-1779124827 log4j: Fix of CVE-2026-34479

CVE-2026-34479: fix Log4j1XmlLayout invalid XML 1.0 character escape...

7.5CVSS5.8AI score0.00535EPSS
Exploits1References1
Github Security Blog
Github Security Blogadded 2026/04/10 6:31 p.m.5 views

Apache Log4j 1 to Log4j 2 bridge: silent log event loss in Log4j1XmlLayout due to unescaped XML 1.0 forbidden characters

The Log4j1XmlLayout from the Apache Log4j 1-to-Log4j 2 bridge fails to escape characters forbidden by the XML 1.0 standard, producing malformed XML output. Conforming XML parsers are required to reject documents containing such characters with a fatal error, which may cause downstream log...

7.5CVSS5.8AI score0.00535EPSS
Exploits1References8Affected Software1
Snyk
Snykadded 2026/04/10 5:8 p.m.4 views

Improper Encoding or Escaping of Output

Overview org.apache.logging.log4j:log4j-core is a logging library for Java. Affected versions of this package are vulnerable to Improper Encoding or Escaping of Output in the Log4j1XmlLayout plugin. An attacker can cause log events to be silently lost or downstream log processing systems to drop ...

7.7CVSS5.8AI score0.00535EPSS
Exploits1References2
OSV
OSVadded 2026/04/10 4:16 p.m.5 views

DEBIAN-CVE-2026-34479

The Log4j1XmlLayout from the Apache Log4j 1-to-Log4j 2 bridge fails to escape characters forbidden by the XML 1.0 standard, producing malformed XML output. Conforming XML parsers are required to reject documents containing such characters with a fatal error, which may cause downstream log...

7.5CVSS5.2AI score0.00535EPSS
Exploits1References1
UbuntuCve
UbuntuCveadded 2026/04/10 4:16 p.m.2 views

CVE-2026-34479

The Log4j1XmlLayout from the Apache Log4j 1-to-Log4j 2 bridge fails to escape characters forbidden by the XML 1.0 standard, producing malformed XML output. Conforming XML parsers are required to reject documents containing such characters with a fatal error, which may cause downstream log...

7.5CVSS5.8AI score0.00535EPSS
Exploits1References7
Debian CVE
Debian CVEadded 2026/04/10 3:41 p.m.4 views

CVE-2026-34479

The Log4j1XmlLayout from the Apache Log4j 1-to-Log4j 2 bridge fails to escape characters forbidden by the XML 1.0 standard, producing malformed XML output. Conforming XML parsers are required to reject documents containing such characters with a fatal error, which may cause downstream log...

7.5CVSS5.2AI score0.00535EPSS
Exploits1
CNNVD
CNNVDadded 2026/04/10 12:0 a.m.5 views

Apache Log4j 安全漏洞

Apache Log4j is an open-source logging tool based on Java, developed by the Apache Foundation in the United States. There is a security vulnerability in Apache Log4j, which stems from Log4j1XmlLayout failing to escape characters prohibited by the XML 1.0 standard, potentially resulting in...

7.5CVSS5.8AI score0.00535EPSS
Exploits1References6
Rows per page
Query Builder