5.4
CVE-2026-21971 - Low-Privilege HTTP Vulnerability in Oracle PeopleSoft Enterprise SCM Purchasing Enabling Unauthoriz…
Vulnerability in the PeopleSoft Enterprise SCM Purchasing product of Oracle PeopleSoft (component: Purchasing). The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise SCM Purch…
6.5
CVE-2026-21970 - Remote Unauthorized Data Access via Low Privilege HTTP Attack in Oracle Life Sciences Central Desig…
Vulnerability in the Oracle Life Sciences Central Designer product of Oracle Health Sciences Applications (component: Platform). The supported version that is affected is 7.0.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Lif…
9.8
CVE-2026-21969 - Remote Code Execution via Unauthenticated HTTP in Oracle Agile Product Lifecycle Management
Vulnerability in the Oracle Agile Product Lifecycle Management for Process product of Oracle Supply Chain (component: Supplier Portal). The supported version that is affected is 6.2.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Orac…
8.6
CVE-2026-21967 - Unauthenticated Remote Access and Partial DoS via Opera Servlet
Vulnerability in the Oracle Hospitality OPERA 5 product of Oracle Hospitality Applications (component: Opera Servlet). Supported versions that are affected are 5.6.19.23, 5.6.25.17, 5.6.26.10 and 5.6.27.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HT…
6.1
CVE-2026-21966 - Unauthenticated Authorization Bypass in Oracle Hospitality OPERA 5 Property Services
Vulnerability in the Oracle Hospitality OPERA 5 Property Services product of Oracle Hospitality Applications (component: Opera). Supported versions that are affected are 5.6.19.23, 5.6.25.17, 5.6.26.10 and 5.6.27.4. Easily exploitable vulnerability allows unauthenticated attacker with network acc…
6
CVE-2026-21963 - High-Privilege Data Access via Oracle VM VirtualBox Vulnerability
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.14 and 7.2.4. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to comprom…
10
CVE-2026-21962 - Unauthorized Data Modification via Unauthenticated HTTP Access in Oracle HTTP Server and Weblogic P…
Vulnerability in the Oracle HTTP Server, Oracle Weblogic Server Proxy Plug-in product of Oracle Fusion Middleware (component: Weblogic Server Proxy Plug-in for Apache HTTP Server, Weblogic Server Proxy Plug-in for IIS). Supported versions that are affected are 12.2.1.4.0, 14.1.1.0.0 and 14.1.2.0.…
6.1
CVE-2026-21961 - Unauthenticated Network Access Enables Unauthorized Changes and Read of Oracle PeopleSoft HR Data
Vulnerability in the PeopleSoft Enterprise HCM Human Resources product of Oracle PeopleSoft (component: Company Dir / Org Chart Viewer, Employee Snapshot). The supported version that is affected is 9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP …
6.5
CVE-2026-21960 - Oracle Applications DBA Unauthorized Data Access via HTTP
Vulnerability in the Oracle Applications DBA product of Oracle E-Business Suite (component: Java utils). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Applications DBA. Su…
4.9
CVE-2026-21959 - Exploitable Oracle Workflow Vulnerability Enabling Unauthorized Data Access
Vulnerability in the Oracle Workflow product of Oracle E-Business Suite (component: Workflow Loader). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Workflow. Successful at…