Atlasian has announced a 0-day hole in the Confluence Server – will be updated soon!

Software Development and Collaboration Toolkit Atlasian issues a warning Dangerous zero-day In its collaboration software.


There are no warnings about bugs visible on the company’s main webpage, featuring the company’s most popular tools JIRA (an IT ticket system) and Trello (a discussion board), but you’ll find Confluence Security Advisory 2022-06-02 Sangam sub-site.

The official bug number is CVE-2022-26134.

The bug existed Out By U.S. threat response company Volexity, which claims to have uncovered vulnerabilities in wildlife investigations “Included JSP webshells are being written to disk”.