A newly discovered vulnerability (CVE-2022-42889) in Apache Commons Text allows remote code execution via crafted input strings, impacting thousands of applications. Dubbed 'Text4Shell', this flaw echoes Log4Shell's widespread threat potential but with key differences in exploitation complexity. Security teams are racing to patch systems as researchers confirm active scanning in the wild.