Update: Added that Oracle declined to comment on whether the vulnerability has been exploited. Oracle has released an out-of-band security update to fix a critical unauthenticated remote code ...

CVE-2026-21992 can be used without authentication for remote code execution and it may have been exploited in the wild. Oracle on Friday issued out-of-band updates to patch a critical vulnerability ...

Oracle has released security updates to address a critical security flaw impacting Identity Manager and Web Services Manager that could be exploited to achieve remote code execution. The vulnerability ...

Oracle published an out-of-band security alert for a critical vulnerability in Oracle Identity Manager and Oracle Web Services Manager, following in-the-wild exploitation of a related flaw in the same ...

Spread the loveIn a significant move to bolster cybersecurity, Oracle has released an emergency patch addressing a critical vulnerability identified as CVE-2026-21992. This flaw, discovered in both ...

Oracle has released an emergency update outside the usual quarterly Critical Patch Update (CPU) patch day. It closes a security vulnerability in Oracle Identity Manager and Web Services Manager, which ...

Emergency out-of-band fixes issued by enterprise IT giants Microsoft and Oracle have shone a spotlight on issues around both update cycles and patching, and identity security and zero-trust. Microsoft ...

Oracle broke its usual patch cycle this week to announce a critical vulnerability in its Fusion Middleware. On March 19, the enterprise software and cloud computing giant released a special security ...