ConfigCat is NOT affected
A remote code execution flaw was recently discovered in log4j. The vulnerability is fixed in log4j 2.15.0.
Log4j is a popular Java logging library. It is used by many popular Java applications. We have double-checked our systems and SDKs to be sure that they are not affected by this vulnerability.