CVE-2021-26084CISA KEVEPSS p100.0%

CVE-2021-26084Atlassian Confluence Server and Data Center Object-Graph Navigation Language (OGNL) Injection Vulnerability

Atlassian / Confluence Server and Data Center

Description

Atlassian Confluence Server and Data Server contain an Object-Graph Navigation Language (OGNL) injection vulnerability that may allow an unauthenticated attacker to execute code.

Scoring

EPSS100.00% probability of exploitation · percentile 100.0% · 2026-06-15T12:03:41Z

CISA KEV entry

Added to KEV: 2021-11-03

(incoming)1

TypeTargetConfidenceTier
KEVEntryAtlassian Confluence Server and Data Center Object-Graph Navigation Language (OGNL) Injection Vulnerabilitykev-cve-2021-260840%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
Atlassian Confluence Data Center and Server Template Injection Vulnerability
CVE
Atlassian Confluence Server and Data Center Remote Code Execution Vulnerability
CVE
Atlassian Confluence Server and Data Center Server-Side Template Injection Vulnerability
CVE
Atlassian Confluence Data Center and Server Improper Authorization Vulnerability
CVE
Atlassian Confluence Server Pre-Authorization Arbitrary File Read Vulnerability
CVE
Atlassian Confluence Data Center and Server Broken Access Control Vulnerability
Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.