Hi everyone, We have identified a list of high/critical CVEs for the Drools and Kogito runtime libraries, and we are working to have an interim [1] patch release for 8.40.x and 1.40.x to address those high/critical security issues.
Feel free to reach out if you have any questions or concerns. [1] - https://incubator.apache.org/guides/releasemanagement.html#requesting_feedback_on_interim_non_asf_releases Regards, Alex