6.1
CVE-2026-34274 - Unauthenticated HTTP Access Allows Data Modification in Oracle Configurator
Vulnerability in the Oracle Configurator product of Oracle E-Business Suite (component: User Interface). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Configurator. Succes…
5.3
CVE-2026-34273 - Unauthenticated HTTP Data Read Vulnerability in Oracle GoldenGate 23.4-23.10
Vulnerability in Oracle GoldenGate (component: Libraries). Supported versions that are affected are 23.4-23.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GoldenGate. Successful attacks of this vulnerability can result in un…
6.1
CVE-2026-34269 - Unauthenticated Portal Access Enables Unauthorized Data Modification in Oracle PeopleSoft PeopleToo…
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Portal). Supported versions that are affected are 8.61-8.62. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools…
6.5
CVE-2026-34266 - HTTP-Based Data Manipulation via High Privileges in PeopleSoft HCM Absence Management
Vulnerability in the PeopleSoft Enterprise HCM Absence Management product of Oracle PeopleSoft (component: Absence Management). The supported version that is affected is 9.2. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise PeopleSoft Ent…
5.4
CVE-2026-22019 - HTTP‑based Privilege‑Escalation and Data Manipulation in Oracle PeopleSoft HCM Shared Components
Vulnerability in the PeopleSoft Enterprise HCM Shared Components product of Oracle PeopleSoft (component: Person Search). The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise…
3.8
CVE-2026-22014 -
Vulnerability in the Oracle User Management product of Oracle E-Business Suite (component: Workflow and Business Events). Supported versions that are affected are 12.2.7-12.2.15. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle User…
7.6
CVE-2026-22011 - High‑Privilege Remote Takeover via HTTP in Oracle Applications DBA
Vulnerability in the Oracle Applications DBA product of Oracle E-Business Suite (component: ADPatch). Supported versions that are affected are 12.2.3-12.2.15. Difficult to exploit vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Applications DBA. Suc…
7.5
CVE-2026-22010 - Unauthenticated HTTP Remote Confidentiality Exposure in Oracle Financial Services Analytical Applic…
Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: Platform). Supported versions that are affected are 8.0.7.9, 8.0.8.7 and 8.1.2.5. Easily exploitable vulnerability allows unauthenticated attacker wi…
5.4
CVE-2026-22006 - PeopleSoft Employee Snapshot Vulnerability Allows Unauthorized Data Modification
Vulnerability in the PeopleSoft Enterprise HCM Human Resources product of Oracle PeopleSoft (component: Employee Snapshot). The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterpri…
6
CVE-2026-22003 - Local Privileged Code Execution and Denial of Service in Oracle Java SE and GraalVM
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u481 and 8u481-b50; Oracle GraalVM Enterprise Edition: 21.3.17. Difficult to exploit vulnerability allows low privileged…