9.8
CVE-2026-34275 - Remote Code Execution via HTTP in Oracle Advanced Inbound Telephony
Vulnerability in the Oracle Advanced Inbound Telephony product of Oracle E-Business Suite (component: Setup and Administration). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Orac…
6.1
CVE-2026-34274 - Unauthenticated HTTP Access Allows Data Modification in Oracle Configurator
Vulnerability in the Oracle Configurator product of Oracle E-Business Suite (component: User Interface). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Configurator. Succes…
5.3
CVE-2026-34273 - Unauthenticated HTTP Data Read Vulnerability in Oracle GoldenGate 23.4-23.10
Vulnerability in Oracle GoldenGate (component: Libraries). Supported versions that are affected are 23.4-23.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GoldenGate. Successful attacks of this vulnerability can result in un…
6.1
CVE-2026-34269 - Unauthenticated Portal Access Enables Unauthorized Data Modification in Oracle PeopleSoft PeopleToo…
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Portal). Supported versions that are affected are 8.61-8.62. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools…
6.5
CVE-2026-34266 - HTTP-Based Data Manipulation via High Privileges in PeopleSoft HCM Absence Management
Vulnerability in the PeopleSoft Enterprise HCM Absence Management product of Oracle PeopleSoft (component: Absence Management). The supported version that is affected is 9.2. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise PeopleSoft Ent…
5.4
CVE-2026-22019 - HTTP‑based Privilege‑Escalation and Data Manipulation in Oracle PeopleSoft HCM Shared Components
Vulnerability in the PeopleSoft Enterprise HCM Shared Components product of Oracle PeopleSoft (component: Person Search). The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise…
3.8
CVE-2026-22014 -
Vulnerability in the Oracle User Management product of Oracle E-Business Suite (component: Workflow and Business Events). Supported versions that are affected are 12.2.7-12.2.15. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle User…
7.6
CVE-2026-22011 - High‑Privilege Remote Takeover via HTTP in Oracle Applications DBA
Vulnerability in the Oracle Applications DBA product of Oracle E-Business Suite (component: ADPatch). Supported versions that are affected are 12.2.3-12.2.15. Difficult to exploit vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Applications DBA. Suc…
7.5
CVE-2026-22010 - Unauthenticated HTTP Remote Confidentiality Exposure in Oracle Financial Services Analytical Applic…
Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: Platform). Supported versions that are affected are 8.0.7.9, 8.0.8.7 and 8.1.2.5. Easily exploitable vulnerability allows unauthenticated attacker wi…
5.4
CVE-2026-22006 - PeopleSoft Employee Snapshot Vulnerability Allows Unauthorized Data Modification
Vulnerability in the PeopleSoft Enterprise HCM Human Resources product of Oracle PeopleSoft (component: Employee Snapshot). The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterpri…