Apache Commons Collections Deserialization Vulnerability in Apache Struts

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

Apache Commons Collections Deserialization Vulnerability in Apache Struts

CVE-2026-26257

Summary

Apache Struts, a web application framework, has a vulnerability that allows an attacker to inject malicious code. This could allow unauthorized access to sensitive data or take control of the system. Update to the latest version of Apache Struts to fix the issue.

Original title

Rejected reason: Not used

Original description

Rejected reason: Not used

Published: 13 Feb 2026 · Updated: 10 Mar 2026 · First seen: 6 Mar 2026