Find notable cyber news and cases, enriched with sources, timelines, and signals.

Oracle Identity Manager and Oracle Web Services Manager unauthenticated RCE (CVE-2026-21992)

Vulnerability
First reported
Last updated
Happening score
H score 42
2 unique sources, 2 articles

Summary

Hide ▲

Oracle issued an out-of-band update to fix CVE-2026-21992, a critical unauthenticated remote code execution flaw in Oracle Identity Manager and Oracle Web Services Manager. The issue is remotely exploitable over HTTP with no authentication or user interaction and could lead to RCE on exposed servers. Oracle is strongly recommending immediate patching, while exploitation has not been confirmed.

Related Happenings

Oracle WebLogic Server unauthenticated remote compromise flaw (CVE-2024-21182)

Vulnerability
H score59 First: 02.06.2026 15:40 Last: 02.06.2026 15:40 Sources 1

About this happening: **CVE-2024-21182** in **Oracle WebLogic Server** is **actively exploited** and can let a **network-access attacker** achieve **unauthenticated remote compromise**. The flaw affect...

CISA orders federal patching of Oracle WebLogic CVE-2024-21182

Public Sector Action
H score53 First: 02.06.2026 15:40 Last: 02.06.2026 15:40 Sources 1

About this happening: CISA ordered **federal agencies** to patch **Oracle WebLogic Server** against **CVE-2024-21182** by **June 4**, creating an immediate remediation deadline for affected government...

Oracle WebLogic Server CVE-2026-21962 rapid exploitation wave

Exploitation Wave
H score59 First: 26.03.2026 18:00 Last: 26.03.2026 18:00 Sources 1

About this happening: **Oracle WebLogic Server** systems faced a rapid **CVE-2026-21962** exploitation wave after public exploit code appeared, creating immediate **RCE risk** for exposed servers. The...

Langflow CVE-2026-33017 exploitation wave

Exploitation Wave
H score50 First: 20.03.2026 12:20 Last: 20.03.2026 12:20 Sources 1

About this happening: **CVE-2026-33017** in **Langflow** is being exploited in a **wider exploitation wave** that now includes **Monero miner** delivery against **exposed AI application endpoints**. Th...

Cl0p Oracle E-Business Suite zero-day extortion campaign

Campaign
H score37 First: 02.03.2026 15:53 Last: 02.03.2026 15:53 Sources 1

About this happening: The **Cl0p ransomware and extortion group** is running an **Oracle E-Business Suite** extortion campaign that used **zero-day vulnerabilities** to access data from **more than 100...

Timeline

  1. 20.03.2026 20:48 1 articles · 3mo ago

    Oracle releases out-of-band Security Alert for CVE-2026-21992

    Mitigation Patch Update

    Oracle released an out-of-band Security Alert to fix CVE-2026-21992, a critical unauthenticated remote code execution flaw in Oracle Identity Manager and Oracle Web Services Manager. The update is intended for supported versions of both products, including 12.2.1.4.0 and 14.1.2.1.0, to reduce risk on exposed servers.

    Show sources
  2. 20.03.2026 20:48 2 articles · 3mo ago

    Oracle details critical unauthenticated RCE in Identity Manager and Web Services Manager

    Initial Disclosure

    Oracle described CVE-2026-21992 as remotely exploitable over HTTP with low complexity, no authentication, and no user interaction, and assigned it a CVSS v3.1 score of 9.8. The advisory says the flaw affects Oracle Identity Manager and Oracle Web Services Manager versions 12.2.1.4.0 and 14.1.2.1.0, recommends applying updates or mitigations as soon as possible, and says exploitation has not been confirmed.

    Show sources