CVE-2026-21992 can be used without authentication for remote code execution and it may have been exploited in the wild.
The post Oracle Releases Emergency Patch for Critical Identity Manager Vulnerability appeared first on SecurityWeek.
Oracle’s First 2026 CPU Delivers 337 New Security Patches
Oracle’s January 2026 CPU resolves roughly 230 unique vulnerabilities across more than 30 products.
The post Oracle’s First 2026 CPU Delivers 337 New Security Patches appeared first on SecurityWeek.
CISA Confirms Exploitation of Recent Oracle Identity Manager Vulnerability
CISA has added CVE-2025-61757 to its Known Exploited Vulnerabilities (KEV) catalog.
The post CISA Confirms Exploitation of Recent Oracle Identity Manager Vulnerability appeared first on SecurityWeek.
Critical Oracle Identity Manager Flaw Possibly Exploited as Zero-Day
CVE-2025-61757 is an unauthenticated remote code execution vulnerability affecting Oracle Identity Manager.
The post Critical Oracle Identity Manager Flaw Possibly Exploited as Zero-Day appeared first on SecurityWeek.
Oracle Releases October 2025 Patches
The Critical Patch Update contains 374 new security patches that resolve many vulnerabilities.
The post Oracle Releases October 2025 Patches appeared first on SecurityWeek.
Oracle Patches EBS Vulnerability Allowing Access to Sensitive Data
It’s unclear if the new Oracle E-Business Suite flaw, which can be exploited remotely without authentication, has been used in the wild.
The post Oracle Patches EBS Vulnerability Allowing Access to Sensitive Data appeared first on SecurityWeek.
Oracle Says Known Vulnerabilities Possibly Exploited in Recent Extortion Attacks
The software giant’s investigation showed that vulnerabilities patched in July 2025 may be involved.
The post Oracle Says Known Vulnerabilities Possibly Exploited in Recent Extortion Attacks appeared first on SecurityWeek.
Cybercriminals Claim Theft of Data From Oracle E-Business Suite Customers
The attackers are claiming to be affiliated with the notorious Cl0p ransomware group and links have been found to FIN11.
The post Cybercriminals Claim Theft of Data From Oracle E-Business Suite Customers appeared first on SecurityWeek.
Oracle Patches 200 Vulnerabilities With July 2025 CPU
Oracle’s July 2025 Critical Patch Update contains 309 security patches that address approximately 200 unique CVEs.
The post Oracle Patches 200 Vulnerabilities With July 2025 CPU appeared first on SecurityWeek.
CISA Issues Guidance After Oracle Cloud Hack
CISA is making recommendations for organizations and users in light of the recent Oracle legacy cloud environment hack.
The post CISA Issues Guidance After Oracle Cloud Hack appeared first on SecurityWeek.
