Find notable cyber news and cases, enriched with sources, timelines, and signals.

CISA orders federal patching of Oracle WebLogic CVE-2024-21182

Public Sector Action
First reported
Last updated
Happening score
H score 53
2 unique sources, 2 articles

Summary

Hide ▲

CISA ordered federal agencies to patch Oracle WebLogic Server against CVE-2024-21182 by June 4, creating an immediate remediation deadline for affected government systems. The directive followed CISA's addition of the flaw to its catalog of vulnerabilities exploited in attacks. The order applies to WebLogic deployments in the federal environment, while CISA also urged broader defenders to patch as soon as possible.

Related Happenings

Oracle E-Business Suite unauth HTTP takeover security flaw (CVE-2026-46817)

Vulnerability
H score52 First: 29.06.2026 16:46 Last: 29.06.2026 16:46 Sources 1

About this happening: Oracle E-Business Suite CVE-2026-46817 is under active exploitation, putting Oracle Payments deployments at takeover risk. The flaw allows unauthenticated HTTP a...

Oracle E-Business Suite May 2026 Critical Security Patch Update (CVE-2026-46817)

Security Patch Release
H score53 First: 29.06.2026 16:46 Last: 29.06.2026 16:46 Sources 1

About this happening: Oracle's May 2026 Critical Security Patch Update addressed CVE-2026-46817 in Oracle E-Business Suite, a critical flaw in Oracle Payments that could let an...

Oracle WebLogic Server unauthenticated remote compromise flaw (CVE-2024-21182)

Vulnerability
H score59 First: 02.06.2026 15:40 Last: 02.06.2026 15:40 Sources 1

How related: The vulnerability, CVE-2024-21182 (CVSS score: 7.5), allows an unauthenticated attacker with network access to take control of susceptible servers.

About this happening: CVE-2024-21182 in Oracle WebLogic Server is actively exploited and can let a network-access attacker achieve unauthenticated remote compromise. The flaw affect...

CISA orders FCEB patching for CVE-2026-9082

Public Sector Action
H score70 First: 26.05.2026 11:46 Last: 26.05.2026 11:46 Sources 1

About this happening: CISA added CVE-2026-9082 to the KEV Catalog and ordered FCEB agencies to patch Drupal by May 27, turning an actively exploited flaw into a mandatory federa...

Apex One on-premises server directory traversal zero-day (CVE-2026-34926)

Vulnerability
H score53 First: 22.05.2026 16:39 Last: 22.05.2026 16:39 Sources 1

About this happening: CVE-2026-34926 is a Trend Micro Apex One on-premises directory traversal zero-day that can let a privileged local attacker inject malicious code onto affected agents...

Timeline

  1. 02.06.2026 15:40 3 articles · 1mo ago

    CISA orders federal patching for Oracle WebLogic Server CVE-2024-21182

    Legal Policy Action Update

    CISA added CVE-2024-21182 to its catalog of vulnerabilities exploited in attacks and ordered federal agencies to patch Oracle WebLogic Server by midnight on Thursday, June 4, under Binding Operational Directive (BOD) 22-01. CISA also urged broader defenders to apply vendor mitigations or discontinue use of the product if mitigations are unavailable.

    Show sources