Apache Struts2 RCE — exploited within hours of disclosure against financial, government and healthcare targets. Another critical Struts RCE after Equifax. Update all Struts2 deployments to 2.3.35 or 2.5.17 immediately.
Apache Struts 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remote Code Execution when alwaysSelectFullNamespace is true and the namespace value is not set for a result defined in XML configurations.
Supernova subscribers receive AI-triaged CVE alerts the moment they're published — before the PoC drops.
Start Supernova — $99/mo →