The Hacker News

Oracle Patches Critical CVE-2026-21992 Enabling Unauthenticated RCE in Identity Manager

Oracle fixes CVE-2026-21992 (CVSS 9.8) flaw enabling unauthenticated RCE via HTTP, risking full system compromise.
InfoWorld

Oracle patches critical database hole

The buffer overflow vulnerability affects all supported versions of Oracle database servers and could enable a remote attacker to compromise the data Oracle released a patch for a recently-discovered ...
SecurityWeek

Oracle Releases Emergency Patch for Critical Identity Manager Vulnerability

Oracle issues out-of-band updates to patch CVE-2026-21992, a critical vulnerability in Identity Manager and Web Services ...
CRN

Oracle Now Says ‘Critical’ Zero-Day Flaw Behind Data Extortion Attacks, Releases Patch

The disclosure follows reports that the cybercriminal group Clop has been extorting a significant number of E-Business Suite customers. Oracle is now linking a widespread data extortion campaign ...
Computerworld

Oracle releases 59 patches for security flaws, 28 critical

Oracle Corp. released a set of 59 patches on Monday to fix security vulnerabilities across its entire range of database, application and middleware products. The patches include fixes for three ...