diff --git a/agents/bakery/cve_2021_44228_log4j.py b/agents/bakery/cve_2021_44228_log4j.py
index 627185003ab4b38f6c3ec020bad5bf9e1507cb63..83fafd7f0f404f6951b4423074055ca8b84f4790 100755
--- a/agents/bakery/cve_2021_44228_log4j.py
+++ b/agents/bakery/cve_2021_44228_log4j.py
@@ -27,6 +27,8 @@
 # 2022-02-13: added options --api-key and --http-proxy
 # 2022-02-24: removed deployment of the logpresso executable -> separate package log4j_executable.mkp
 #             optimised code for config file generation
+# 2022-05-06: fixed not enough values to unpack in exclude_paths bulk (THX to Rene Calmer[at]forum.checkmk.com)
+#
 
 from pathlib import Path
 from typing import List
@@ -170,7 +172,7 @@ def get_cve_2021_44228_log4j_files(conf: List[any]) -> FileGenerator:
                     path = path.strip(' ').strip("'").strip('"')
                     options_array.append(f'--exclude "{path}"')
             elif 'exclude_paths_file' in options['exclude_paths']['exclude_paths']:
-                label, exclude_paths = options['exclude_paths']
+                label, exclude_paths = options['exclude_paths']['exclude_paths']
                 options_array.append(f'--exclude-config {config_path}cve_2021_44228_log4j_exclude.cfg')
             if 'exclude_paths_pattern' in options['exclude_paths'].keys():
                 for path in options['exclude_paths']['exclude_paths_pattern']:
diff --git a/cve_2021_44228_log4j.mkp b/cve_2021_44228_log4j.mkp
index caafcc9505b07fd18505d0225d2ca7448e2327c6..27e15e15e174d8d1f0ba6b34d2afd36327829905 100644
Binary files a/cve_2021_44228_log4j.mkp and b/cve_2021_44228_log4j.mkp differ
diff --git a/packages/cve_2021_44228_log4j b/packages/cve_2021_44228_log4j
index 3cf11ed37ee2e43cc257e724ac2b397cd6ea3e73..ea7e1329e5302d420afeb4d93fdf006b4070d2c5 100644
--- a/packages/cve_2021_44228_log4j
+++ b/packages/cve_2021_44228_log4j
@@ -37,7 +37,7 @@
  'name': 'cve_2021_44228_log4j',
  'num_files': 9,
  'title': 'CVE-2021-44228-log4j scanner plugin',
- 'version': '20220309.v0.1.4',
+ 'version': '20220506.v0.1.4a',
  'version.min_required': '2.0.0',
  'version.packaged': '2021.09.20',
  'version.usable_until': None}
\ No newline at end of file
diff --git a/web/plugins/metrics/cve_2021_44228_log4j.py b/web/plugins/metrics/cve_2021_44228_log4j.py
index e1fefb65edd6ed7c9e81ab457836614ddee993c4..903070f899dfe5d5a3efc08c90f9cf8c049da787 100644
--- a/web/plugins/metrics/cve_2021_44228_log4j.py
+++ b/web/plugins/metrics/cve_2021_44228_log4j.py
@@ -78,17 +78,20 @@ check_metrics['cve_2021_44228_log4j'] = {
 graph_info['cve_2021_44228_log4j_found'] = {
     'title': _('Files found'),
     'metrics': [
-        ('files_mitigated', '-stack'),
+        ('files_safe', '-stack'),
         ('files_skipped', '-stack'),
-        ('files_safe', 'stack'),
-        ('files_potential_vulnerable', 'stack'),
+        ('files_mitigated', '-stack'),
         ('files_vulnerable', 'stack'),
+        ('files_potential_vulnerable', 'stack'),
     ],
     'scalars': [
         ('files_vulnerable:crit', _('crit')),
         ('files_vulnerable:warn', _('warn')),
     ],
-    'optional_metrics': ['files_skipped'],
+    'optional_metrics': [
+        'files_skipped',
+        'files_safe',
+    ],
 }
 
 graph_info['cve_2021_44228_log4j_scanned'] = {