4.5
CVE-2026-21975 - Java VM Crash Vulnerability in Oracle Database Server
Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19.3-19.29 and 21.3-21.20. Easily exploitable vulnerability allows high privileged attacker having Authenticated User privilege with network access via Oracle Net to compromise Java VM. Suc…
5.3
CVE-2026-21974 - Unauthenticated Data Exposure in Oracle Life Sciences Central Designer
Vulnerability in the Oracle Life Sciences Central Designer product of Oracle Health Sciences Applications (component: Platform). The supported version that is affected is 7.0.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Li…
8.1
CVE-2026-21973 - Access Control Bypass Allows Low‑Privilege Attackers to Modify Critical Data in Oracle FLEXCUBE Inv…
Vulnerability in the Oracle FLEXCUBE Investor Servicing product of Oracle Financial Services Applications (component: Security Management System). Supported versions that are affected are 14.5.0.15.0, 14.7.0.8.0 and 14.8.0.1.0. Easily exploitable vulnerability allows low privileged attacker with …
5.3
CVE-2026-21972 - Unauthenticated HTTP Access Leads to Confidential Data Exposure in Oracle Configurator
Vulnerability in the Oracle Configurator product of Oracle E-Business Suite (component: User Interface). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Configurator. Succes…
5.4
CVE-2026-21971 - Low-Privilege HTTP Vulnerability in Oracle PeopleSoft Enterprise SCM Purchasing Enabling Unauthoriz…
Vulnerability in the PeopleSoft Enterprise SCM Purchasing product of Oracle PeopleSoft (component: Purchasing). The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise SCM Purch…
6.5
CVE-2026-21970 - Remote Unauthorized Data Access via Low Privilege HTTP Attack in Oracle Life Sciences Central Desig…
Vulnerability in the Oracle Life Sciences Central Designer product of Oracle Health Sciences Applications (component: Platform). The supported version that is affected is 7.0.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Lif…
9.8
CVE-2026-21969 - Remote Code Execution via Unauthenticated HTTP in Oracle Agile Product Lifecycle Management
Vulnerability in the Oracle Agile Product Lifecycle Management for Process product of Oracle Supply Chain (component: Supplier Portal). The supported version that is affected is 6.2.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Orac…
8.6
CVE-2026-21967 - Unauthenticated Remote Access and Partial DoS via Opera Servlet
Vulnerability in the Oracle Hospitality OPERA 5 product of Oracle Hospitality Applications (component: Opera Servlet). Supported versions that are affected are 5.6.19.23, 5.6.25.17, 5.6.26.10 and 5.6.27.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HT…
6.1
CVE-2026-21966 - Unauthenticated Authorization Bypass in Oracle Hospitality OPERA 5 Property Services
Vulnerability in the Oracle Hospitality OPERA 5 Property Services product of Oracle Hospitality Applications (component: Opera). Supported versions that are affected are 5.6.19.23, 5.6.25.17, 5.6.26.10 and 5.6.27.4. Easily exploitable vulnerability allows unauthenticated attacker with network acc…
6
CVE-2026-21963 - High-Privilege Data Access via Oracle VM VirtualBox Vulnerability
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.14 and 7.2.4. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to comprom…