Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

Oracle Identity Governance Suite 12c urgent mitigation guidance

Advisory/Mitigation
First reported
Last updated
Happening score
H score 59
1 unique sources, 1 articles

Summary

Hide ▲

CISA issued urgent mitigation guidance for Oracle Identity Governance Suite 12c after the product was tied to an actively exploited security issue. Operators were told to apply the relevant patches immediately or isolate the affected services from the public internet. The guidance matters because exposed identity services can be targeted remotely and the underlying flaw enables unauthenticated remote code execution.

Related Happenings

CISA KEV directive for CVE-2026-20133

Public Sector Action
First: 21.04.2026 15:30 Last: 21.04.2026 15:30 Sources 1

About this happening: On **Monday, April 21, 2026**, **CISA** added **CVE-2026-20133** to the **KEV Catalog** and ordered **FCEB agencies** to secure their networks by **Friday, April 24**. The directi...

Open Happening

CISA Apache ActiveMQ CVE-2026-34197 mitigation order

Advisory/Mitigation
First: 21.04.2026 14:17 Last: 21.04.2026 14:17 Sources 1

About this happening: **CISA** ordered **FCEB agencies** to secure **Apache ActiveMQ** servers by **April 30** after **CVE-2026-34197** was confirmed **actively exploited**. The flaw can allow **arbitr...

Open Happening

CISA orders FCEB remediation for CVE-2025-60710

Public Sector Action
First: 15.04.2026 17:51 Last: 15.04.2026 17:51 Sources 1

About this happening: CISA added **CVE-2025-60710** to its **actively exploited** catalog and gave **FCEB agencies** **two weeks** to secure systems under **BOD 22-01**. The move targets a **Windows Ta...

Open Happening

CISA KEV listing and FCEB patch order for Ivanti EPMM

Public Sector Action
First: 08.04.2026 21:15 Last: 08.04.2026 21:15 Sources 1

About this happening: **CISA** added **CVE-2026-1340** to the **KEV Catalog** and ordered **FCEB agencies** to patch **Ivanti Endpoint Manager Mobile (EPMM)** by **Saturday midnight, April 11**, forcin...

Open Happening

CISA KEV order for CVE-2026-3055 on Citrix appliances

Public Sector Action
First: 31.03.2026 10:05 Last: 31.03.2026 10:05 Sources 1

About this happening: CISA added **CVE-2026-3055** to the **KEV Catalog** and ordered **FCEB agencies** to secure **Citrix NetScaler** appliances by **Thursday, April 2**, turning an **actively exploit...

Open Happening

Timeline

  1. 24.11.2025 02:00 2 articles · 6mo ago

    CISA issues urgent mitigation guidance for Oracle Identity Governance Suite 12c

    Mitigation Patch Update

    CISA urged organizations running Oracle Identity Governance Suite 12c to apply the relevant patches immediately or isolate the affected services from the public internet because CVE-2025-61757 was being exploited in the wild.

    Show sources
    Open in new tab
  2. 21.11.2025 02:00 1 articles · 6mo ago

    Oracle reports CVE-2025-61757 and CISA adds it to KEV

    Legal Policy Action Update

    Oracle reported CVE-2025-61757 and CISA added it to the Known Exploited Vulnerabilities catalog after reports that Oracle Identity Manager was being exploited in the wild.

    Show sources
    Open in new tab
  3. 20.11.2025 02:00 1 articles · 6mo ago

    Searchlight Cyber reveals CVE-2025-61757

    Initial Disclosure

    Searchlight Cyber revealed CVE-2025-61757 in Oracle Identity Manager, a critical flaw in the REST WebServices component of Oracle Fusion Middleware that allows unauthenticated remote code execution on affected versions 12.2.1.4.0 and 14.1.2.1.0.

    Show sources
    Open in new tab