7.5
CVE-2026-21982 - Access Control Vulnerability in Oracle VM VirtualBox Allows Full System Compromise
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.14 and 7.2.4. Difficult to exploit vulnerability allows unauthenticated attacker with access to the physical communication segment attached to the hardware whโฆ
4.6
CVE-2026-21981 - High-Privilege Unauthorized Read and Partial Denial of Service in Oracle VM VirtualBox
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.14 and 7.2.4. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromโฆ
6.5
CVE-2026-21980 - Unauthenticated HTTP Data Modification and Disclosure in Oracle Life Sciences Central Coding
Vulnerability in the Oracle Life Sciences Central Coding product of Oracle Health Sciences Applications (component: Platform). The supported version that is affected is 7.0.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Lifeโฆ
4.2
CVE-2026-21979 - High Privileged Local Data Access Vulnerability in Oracle Planning and Budgeting Cloud Service
Vulnerability in the Oracle Planning and Budgeting Cloud Service product of Oracle Hyperion (component: EPM Agent). The supported version that is affected is 25.04.07. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle Planning and Budgeโฆ
6.5
CVE-2026-21978 - Unauthorized Data Access via HTTP in Oracle FLEXCUBE Relationship Pricing
Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications (component: Relationship Pricing). Supported versions that are affected are 14.0.0.0.0-14.8.0.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP tโฆ
3.1
CVE-2026-21977 - Unauthenticated Network Access Leading to Unauthorized Data Read in Oracle Zero Data Loss Recovery โฆ
Vulnerability in the Oracle Zero Data Loss Recovery Appliance Software product of Oracle Zero Data Loss Recovery Appliance (component: Security). Supported versions that are affected are 23.1.0-23.1.202509. Difficult to exploit vulnerability allows unauthenticated attacker with network access via โฆ
7.1
CVE-2026-21976 - Unauthorized Local Privilege Escalation in Oracle Business Intelligence Enterprise Edition
Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Analytics (component: Oracle Analytics Cloud). Supported versions that are affected are 7.6.0.0.0 and 8.2.0.0.0. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure โฆ
4.5
CVE-2026-21975 - Java VM Crash Vulnerability in Oracle Database Server
Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19.3-19.29 and 21.3-21.20. Easily exploitable vulnerability allows high privileged attacker having Authenticated User privilege with network access via Oracle Net to compromise Java VM. Sucโฆ
5.3
CVE-2026-21974 - Unauthenticated Data Exposure in Oracle Life Sciences Central Designer
Vulnerability in the Oracle Life Sciences Central Designer product of Oracle Health Sciences Applications (component: Platform). The supported version that is affected is 7.0.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Liโฆ
8.1
CVE-2026-21973 - Access Control Bypass Allows LowโPrivilege Attackers to Modify Critical Data in Oracle FLEXCUBE Invโฆ
Vulnerability in the Oracle FLEXCUBE Investor Servicing product of Oracle Financial Services Applications (component: Security Management System). Supported versions that are affected are 14.5.0.15.0, 14.7.0.8.0 and 14.8.0.1.0. Easily exploitable vulnerability allows low privileged attacker with โฆ