The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added the recently disclosed remote code execution (RCE) vulnerability affecting the Spring Framework, to itsKnown Exploited Vulnerabilities Catalogbased on “evidence of active exploitation.” The critical severity flaw, assigned the identifierCVE-2022-22965(CVSS score: 9.8) and dubbed “Spring4Shell”, impacts Spring