Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
Apache Log4j Java Library Allows Arbitrary Code Execution
MINI-vf5r-p29q-8vh7
Summary
The Apache Log4j Java library is used in many web applications. If not configured correctly, it can allow attackers to execute malicious code on the server, potentially leading to further security issues or data breaches. Update the Log4j library to the latest version to address this issue.
What to do
- Update actions-runner-controller to version 0.14.0-r1.
- Update actions-runner-controller-compat to version 0.14.0-r1.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| – | actions-runner-controller | <= 0.14.0-r1 | 0.14.0-r1 |
| – | actions-runner-controller-compat | <= 0.14.0-r1 | 0.14.0-r1 |
Original title
MINI-vf5r-p29q-8vh7
Published: 12 Apr 2026 · Updated: 12 Apr 2026 · First seen: 12 Apr 2026