as you have probably heard already a vulnerability was found in Log4j2, a popular logging library. PDFsam Basic uses Logback as its logging library and is therefore not affected by the vulnerability. Meanwhile, a lower severity issue was discovered in Log4j 1.x and Logback and was fixed in Logback v1.2.8.
We have updated and released PDFsam Basic v4.2.9 to use the fixed version of Logback. You can download it as usual from the Downloads section. We will remain vigilant and address any issues that may arise in the coming days.
PDFsam and Log4j2 vulnerability