The Apache Shiro team is pleased to announce the release of Apache Shiro 
version 2.2.1

Apache Shiro is a powerful and easy-to-use Java security framework that 
performs authentication, authorization, cryptography, and session 
management. With Shiro’s easy-to-understand API, you can quickly and 
easily secure any application – from the smallest mobile applications to 
the largest web and  enterprise applications.

# This is a update release for 2.x. All changes and release notes:

https://github.com/apache/shiro/releases/tag/shiro-root-2.2.1

# This release addresses the following security issues:
CVE-2026-48589 and CVE-2026-49268

# Download and verification instructions are available on our download page:

https://shiro.apache.org/download.html

# For more information on Shiro, please read the documentation:

https://shiro.apache.org/documentation.html


Enjoy!

The Apache Shiro Team

Reply via email to