OWASP has released security updated to address Apache Log4j vulnerability in ZAP. Exploitation of this vulnerability may allow an attacker to take control of an affected system.
Users and Administrators are encouraged to review ZAP Blog Post and apply necessary updates