Log4j vulnerability On 2021-12-09 a vulnerability in Apache Log4j (a logging tool used in many Java-based applications) was disclosed that could allow remote, unauthenticated attackers