On June 2, 2022 Volexity announced active exploitation of Atlassian Confluence. An active Remote Code Execution via OGNL injection CVE-2022-26134 and impacts all versions of Confluence Server and Data Center versions greater than 1.3.0.

Atlassian has released their security advisory with patches and mitigation instructions supplied.

Peakhour WAF clients are already protected. We have observed a 200% increase of OGNL based exploit attempts since the announcement of the vulnerability on June 2nd.