Find notable cyber news and cases, enriched with sources, timelines, and signals.

Oracle security patch release for CVE-2026-21992

Security Patch Release
First reported
Last updated
Happening score
H score 44
1 unique sources, 1 articles

Summary

Hide ▲

Oracle released security updates for CVE-2026-21992, a critical flaw in Identity Manager and Web Services Manager that could enable unauthenticated remote code execution. The patch matters because the affected versions include 12.2.1.4.0 and 14.1.2.1.0, and Oracle urged customers to apply the update without delay. Oracle said it has no evidence of in-the-wild exploitation for this issue.

Related Happenings

Oracle E-Business Suite May 2026 Critical Security Patch Update (CVE-2026-46817)

Security Patch Release
H score53 First: 29.06.2026 16:46 Last: 29.06.2026 16:46 Sources 1

About this happening: **Oracle**'s **May 2026 Critical Security Patch Update** addressed **CVE-2026-46817** in **Oracle E-Business Suite**, a **critical** flaw in **Oracle Payments** that could let an...

SimpleHelp security update for CVE-2026-48558

Security Patch Release
H score65 First: 15.06.2026 23:06 Last: 15.06.2026 23:06 Sources 1

About this happening: **SimpleHelp** released **5.5.16** and **6.0 RC2** on **June 9** to fix **CVE-2026-48558**, a critical **OIDC** authentication flaw in **SimpleHelp remote management software** th...

Ivanti EPMM patch release for CVE-2026-5786, CVE-2026-5787, CVE-2026-5788, and CVE-2026-7821

Security Patch Release
H score66 First: 07.05.2026 18:20 Last: 07.05.2026 18:20 Sources 1

About this happening: Ivanti released a security update for on-prem Endpoint Manager Mobile (EPMM) covering CVE-2026-5786, CVE-2026-5787, CVE-2026-5788, and CVE-2026-7821. The patch addresses high-seve...

Latest development: 07.05.2026 20:55

Ivanti released fixes for CVE-2026-5786, CVE-2026-5787, CVE-2026-5788, and CVE-2026-7821 in Endpoint Manager Mobile (EPMM). The updates apply only to on-prem EPMM before versions 12.6.1.1, 12.7.0.1, and 12.8.0.1, and Ivanti said the issues are not present in Ivanti Neurons for MDM, Ivanti EPM, Ivanti Sentry, or other Ivanti products.

CPanel security patch release for CVE-2026-41940

Security Patch Release
H score89 First: 29.04.2026 12:37 Last: 29.04.2026 12:37 Sources 1

About this happening: **cPanel** released **security updates** for **cPanel and WHM** after an **authentication bypass** flaw could let remote attackers reach control-panel access, with fixes now cover...

Latest development: 04.05.2026 22:14

CVE-2026-41940 in cPanel, WebHost Manager (WHM), and WP Squared was rapidly exploited after public disclosure, with Censys reporting attacks from multiple threat actors within 24 hours and about 15,000 potentially compromised instances in the first day. KnownHost said about 30 managed cPanel servers showed attempted exploitation, WatchTowr Labs published a PoC exploit and technical analysis, and Defused said much of the observed activity copied WatchTowr's PoC exactly.

LiteLLM security patch release for CVE-2026-42208

Security Patch Release
H score31 First: 29.04.2026 00:07 Last: 29.04.2026 00:07 Sources 1

About this happening: **LiteLLM version 1.83.7** ships a fix for **CVE-2026-42208**, closing a **critical SQL injection** path in the proxy API key verification flow. The release replaces **string conc...

Timeline

  1. 21.03.2026 12:24 2 articles · 3mo ago

    Oracle releases security update for CVE-2026-21992

    Mitigation Patch Update

    Oracle released security updates for CVE-2026-21992 affecting Oracle Identity Manager and Oracle Web Services Manager versions 12.2.1.4.0 and 14.1.2.1.0, addressing a remotely exploitable unauthenticated flaw that could enable remote code execution and urging customers to apply the update without delay.

    Show sources