In early December, 2021, a major security flaw was reported in a commonly used module of the Apache http server named Log4j.  This vulnerability is specific to a Java-based logging module, which is not used by UnForm or CirrusPrint.  Neither program uses Java at all.