diff --git a/java/lang/security/audit/active-debug-code-getstacktrace/active-debug-code-getstacktrace.java b/java/lang/security/audit/active-debug-code-getstacktrace/active-debug-code-getstacktrace.java
new file mode 100644
index 0000000000..ed65411fd8
--- /dev/null
+++ b/java/lang/security/audit/active-debug-code-getstacktrace/active-debug-code-getstacktrace.java
@@ -0,0 +1,45 @@
+public class ActiveDebugCode{
+
+ public void bad(){
+ StackTraceElement[] elements;
+
+ Exception e = new Exception();
+ elements = e.getStackTrace();
+
+ // ruleid: active-debug-code-getstacktrace
+ System.err.print(elements);
+ }
+
+ public void bad2(){
+ StackTraceElement[] elements;
+
+ elements = Thread.currentThread().getStackTrace();
+
+ // ruleid: active-debug-code-getstacktrace
+ System.err.print(elements);
+ }
+
+ public void bad3(){
+ StackTraceElement[] elements;
+
+ elements = new Throwable().getStackTrace();
+
+ // ruleid: active-debug-code-getstacktrace
+ System.err.print(elements);
+ }
+
+ public void bad4(){
+ // ruleid: active-debug-code-getstacktrace
+ System.out.println(org.apache.commons.lang3.exception.ExceptionUtils.getStackTrace(e));
+ // ruleid: active-debug-code-getstacktrace
+ System.out.println(org.apache.commons.lang3.exception.ExceptionUtils.getFullStackTrace(e));
+ }
+
+ public void alsobad(){
+ for (StackTraceElement ste : Thread.currentThread().getStackTrace()) {
+ // ruleid: active-debug-code-getstacktrace
+ System.out.println(ste);
+ }
+ }
+
+}
diff --git a/java/lang/security/audit/active-debug-code-getstacktrace/active-debug-code-getstacktrace.yaml b/java/lang/security/audit/active-debug-code-getstacktrace/active-debug-code-getstacktrace.yaml
new file mode 100644
index 0000000000..ebe4146a47
--- /dev/null
+++ b/java/lang/security/audit/active-debug-code-getstacktrace/active-debug-code-getstacktrace.yaml
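Review bot: `bad4` references an `e` that is never declared, so the fixture is not valid Java even though semgrep will still pattern-match it; give the method a parameter, `public void bad4(Exception e){`, so the fixture compiles and reads as a realistic exception-handling path. The file also has no `ok:` cases, so the rule's false-positive behaviour is never exercised — a method that calls `getStackTrace()` and only inspects the elements (e.g. reads `ste.getClassName()` into a local) without printing them would pin down that plain introspection is not flagged. Note too that `System.err.print(elements)` on an array prints the array's identity string rather than the frames, so `bad`–`bad3` demonstrate the taint flow but not an actual trace disclosure; iterating the elements as `alsobad` does is the more realistic shape.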
@@ -0,0 +1,42 @@
+rules:
+- id: active-debug-code-getstacktrace
+ message: Possible active debug code detected. Deploying an application with debug
+ code can create unintended entry points or expose sensitive information.
+ severity: WARNING
+ metadata:
+ likelihood: MEDIUM
+ impact: LOW
+ confidence: MEDIUM
+ interfile: true
+ category: security
+ subcategory:
+ - vuln
+ cwe:
+ - 'CWE-489: Active Debug Code'
+ functional-categories:
+ - debug::search::active-debug-code::java.lang
+ owasp:
+ - A10:2004 - Insecure Configuration Management
+ - A06:2017 - Security Misconfiguration
+ - A05:2021 - Security Misconfiguration
+ references:
+ - https://cwe.mitre.org/data/definitions/489.html
+ - https://www.acunetix.com/vulnerabilities/web/stack-trace-disclosure-java/
+ - https://owasp.org/www-project-web-security-testing-guide/v41/4-Web_Application_Security_Testing/08-Testing_for_Error_Handling/02-Testing_for_Stack_Traces
+ - https://www.securecodewarrior.com/blog/coders-conquer-security-share-learn-series-information-exposure
+ technology:
+ - java
+ license: Semgrep Rules License v1.0. For more details, visit semgrep.dev/legal/rules-license
+ vulnerability_class:
+ - Active Debug Code
+ languages:
+ - java
+ mode: taint
+ pattern-sources:
+ - pattern: $EXCEPTION.getStackTrace()
+ - pattern: $UTIL.getStackTrace(...)
+ - pattern: $EXCEPTION.getFullStackTrace(...)
+ pattern-sinks:
+ - pattern: $SYSTEM.println(...)
+ - pattern: $SYSTEM.print(...)
+ - pattern: $SYSTEM.format(...)
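Review bot: The sink list covers `print`, `println` and `format` but not `printf`, which is the common way to write a frame with a format string, so `System.out.printf("%s%n", ste)` is missed; add `- pattern: $SYSTEM.printf(...)` under `pattern-sinks`. The first source, `$EXCEPTION.getStackTrace()`, is already covered by `$UTIL.getStackTrace(...)` since the metavariable matches any receiver, so one of the two can be dropped without changing matches. The `message` says what was found but not what to do; consider extending it with a remediation sentence such as `Remove the stack-trace output, or send it to a logger at a level that is disabled in production.` so the finding is actionable at triage time.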