10
CVE-2026-21962 - Unauthorized Data Modification via Unauthenticated HTTP Access in Oracle HTTP Server and Weblogic P…
Vulnerability in the Oracle HTTP Server, Oracle Weblogic Server Proxy Plug-in product of Oracle Fusion Middleware (component: Weblogic Server Proxy Plug-in for Apache HTTP Server, Weblogic Server Proxy Plug-in for IIS). Supported versions that are affected are 12.2.1.4.0, 14.1.1.0.0 and 14.1.2.0.…
6.1
CVE-2026-21961 - Unauthenticated Network Access Enables Unauthorized Changes and Read of Oracle PeopleSoft HR Data
Vulnerability in the PeopleSoft Enterprise HCM Human Resources product of Oracle PeopleSoft (component: Company Dir / Org Chart Viewer, Employee Snapshot). The supported version that is affected is 9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP …
6.5
CVE-2026-21960 - Oracle Applications DBA Unauthorized Data Access via HTTP
Vulnerability in the Oracle Applications DBA product of Oracle E-Business Suite (component: Java utils). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Applications DBA. Su…
4.9
CVE-2026-21959 - Exploitable Oracle Workflow Vulnerability Enabling Unauthorized Data Access
Vulnerability in the Oracle Workflow product of Oracle E-Business Suite (component: Workflow Loader). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Workflow. Successful at…
7.5
CVE-2026-21957 - Local Privilege Escalation in Oracle VM VirtualBox Due to Improper Privilege Management
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.14 and 7.2.4. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compr…
8.2
CVE-2026-21956 - VirtualBox Core Privilege Escalation Enables Full Host Compromise
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.14 and 7.2.4. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to comprom…
8.2
CVE-2026-21955 - Exploitable Resource Consumption Allows Full VirtualBox Takeover
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.14 and 7.2.4. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to comprom…
6.1
CVE-2026-21951 - Unauthenticated HTTP Vulnerability in Oracle PeopleSoft Integration Broker Allows Unauthorized Data…
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Integration Broker). Supported versions that are affected are 8.60, 8.61 and 8.62. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft…
3.1
CVE-2026-21947 - Unauthenticated Integrity Compromise via JavaFX in Oracle Java SE 8u471-b50
Vulnerability in Oracle Java SE (component: JavaFX). Supported versions that are affected are Oracle Java SE: 8u471-b50. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE. Successful attacks require human int…
6.1
CVE-2026-21946 - JD Edwards EnterpriseOne Tools: Unauthenticated HTTP Access Enables Unauthorized Data Modification
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Supported versions that are affected are 9.2.0.0-9.2.26.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards Enterpris…