CVE-2022-26134: Patches Become Available for Confluence Zero-

CVE-2022-26134: Patches Become Available for Confluence Zero-Day as Proof of Concept Goes Public

On June 3 at 10 am PDT, Atlassian updated its advisory for CVE-2022-26134, the Confluence Server and Data Center zero-day vulnerability that was first disclosed yesterday. Atlassian has published patches for various versions of Confluence.

Tenable product coverage for this vulnerability has been developed and will be available in the feed within the next few hours.

Plugin ID 161808: “CVE-2022-26134 Confluence Version Check”

Additionally, Tenable’s Security Response Team is aware that a public proof-of-concept exploit for this flaw has been published to GitHub.

We are investigating a direct check for this flaw.

We have published our blog for this vulnerability in a FAQ format and any additional updates, including the availability of a direct check will be shared there.

Cyber Exposure Alerts

Vulnerability Watch

Forum Discussion

CVE-2022-26134: Patches Become Available for Confluence Zero-

Recent Discussions

Oracle January 2026 Critical Patch Update Addresses 158 CVEs

CVE-2025-64155: Exploit Code Released for Critical Fortinet FortiSIEM Vulnerability

Microsoft’s January 2026 Patch Tuesday Addresses 113 CVEs (CVE-2026-20805)

CVE-2025-14847 (MongoBleed): MongoDB Memory Leak Vulnerability Exploited in the Wild

CVE-2025-40602: SonicWall Secure Mobile Access (SMA) 1000 Zero-Day Exploited

Americas

Europe

Asia / Australia