The Hacker News

Oracle Patches Critical CVE-2026-21992 Enabling Unauthenticated RCE in Identity Manager

Oracle fixes CVE-2026-21992 (CVSS 9.8) flaw enabling unauthenticated RCE via HTTP, risking full system compromise.
Dark Reading

Patch Now: Oracle's Fusion Middleware Has Critical RCE Flaw

Attackers can execute arbitrary code without authentication if Oracle's Identity or Web Services Managers are exposed to the Web.
SecurityWeek

Oracle Releases Emergency Patch for Critical Identity Manager Vulnerability

Oracle issues out-of-band updates to patch CVE-2026-21992, a critical vulnerability in Identity Manager and Web Services ...

Oracle pushes emergency fix for critical Identity Manager RCE flaw

Oracle has released an out-of-band security update to fix a critical unauthenticated remote code execution vulnerability in ...
Network World

Oracle promises space savings, more efficient patching in latest database

Oracle’s newest database management system places increased emphasis on green technology while simplifying application testing and making it easier to patch. Oracle released a major upgrade of its ...
ZDNet

Time to get patching: Oracle's quarterly Critical Patch Update arrives with 520 fixes

Enterprise software giant Oracle has released its April Critical Patch Update (CPU) advisory, which includes 520 fixes for security flaws. Critical Patch Updates are collections of security fixes for ...