All information below is accurate to the best of our knowledge, however due to this being an ongoing issue please remain on the safe side of things and be cautious.
Our recommendation is to not connect to ANY servers or RUN any servers until mojang has made an official announcement regarding this issue
TL;DR The RCE in question relates to the logging library Log4J, any message logged can access JNDI,